Efficient Authentication of Resource-Constrained IoT Devices based on ECQV Implicit Certification Algorithm and Datagram Transport Layer Security (DTLS) Protocol

Bibliographic Details
Main Authors: HA, DUY AN, 河惟安
Other Authors: Zao, John Kar Kin
Format: Others
Language: en_US
Published: 2016
Online Access: http://ndltd.ncl.edu.tw/handle/81819469752798560149
id ndltd-TW-105NCTU5441004
record_format oai_dc
spelling ndltd-TW-105NCTU5441004 2017-09-06T04:22:26Z http://ndltd.ncl.edu.tw/handle/81819469752798560149 Efficient Authentication of Resource-Constrained IoT Devices based on ECQV Implicit Certification Algorithm and Datagram Transport Layer Security (DTLS) Protocol 以ECQV內蘊公鑰憑證為依據供資源有限的物聯網器件使用的DTLS省便認證方案 HA, DUY AN 河惟安 Master's, National Chiao Tung University, EECS International Graduate Program, 105 Zao, John Kar Kin 邵家健 2016 degree thesis ; thesis 49 en_US
collection NDLTD
language en_US
format Others
sources NDLTD
description Master's === National Chiao Tung University === EECS International Graduate Program === 105 === IoT applications often work with sensitive data and are made up of a large number of constrained devices. These characteristics require IoT applications to have a robust and scalable security solution. In this case, public-key cryptography can be the best choice if its computational cost is acceptable for the constrained devices. For that reason, this work introduces a low-cost public-key cryptography solution for constrained devices. The solution is developed based on elliptic curve cryptography and the Datagram Transport Layer Security (DTLS) protocol. Elliptic curve cryptography, combined with Elliptic Curve Qu-Vanstone (ECQV) implicit certificates, offers a public-key cryptography solution with low computation and bandwidth cost for IoT applications, and by using the standard DTLS protocol, the solution can be widely accepted. The solution is a security protocol consisting of two phases. The first is the registration phase, in which a constrained node needs to execute an enrolment procedure to authenticate and obtain an ECQV implicit certificate from the certificate authority of the IoT system. The obtained ECQV implicit certificate is then used to perform the authentication and key exchange scheme in the second phase, called the secure key establishment phase. To prove the feasibility of the solution, the protocol has been implemented on top of an embedded SSL library, wolfSSL, and the execution time of the implementation has been evaluated to assess the efficiency of the solution.