LightCert: On Designing a Lighter Certificate for Resource-limited Internet of Things Devices
- 주제(키워드) IoT security
- 발행기관 아주대학교
- 지도교수 고정길
- 발행년도 2018
- 학위수여년월 2018. 8
- 학위명 석사
- 학과 및 전공 일반대학원 컴퓨터공학과
- 실제URI http://www.dcollection.net/handler/ajou/000000027813
- 본문언어 영어
- 저작권 아주대학교 논문은 저작권에 의해 보호받습니다.
초록/요약
IoT devices are typically resource-limited in terms of network bandwidth and energy capacities. While, various efforts from the Internet Engineering Task Force (IETF) has designed various IoT-related standards such as 6LoWPAN, RPL and CoAP, integrating certificate-based Internet security protocols to IoT networks is yet a progressing task. We see the main cause of this being the size of the X.509-based Internet certificates. Typically, being 1-2 KBs, the large size of these certificates can cause IEEE 802.15.4-based IoT nodes to fragment the certificate into many smaller packet-size chunks, which causes many packet transmissions to occur in the network. This thesis presents LightCert, a lightweight scheme to compress the size of the security certificates using the similarity of contents in X.509 certificates. Specifically, LightCert identifies common fields in a certificate and suppresses the transmission of these contents within the IoT subnet scope. This allows LightCert nodes to minimize the packet transmission overhead for supporting certificate-based security mechanisms such as DTLS, by as much as ∼37%. The added overhead of exchanging certificates when using LightCert is kept low to as much as ∼5 mJ of energy and ∼0.48 sec of latency.
more목차
Chapter 1 Introduction
Chapter 2 Related work
Chapter 3 Security on the Internet and Requirments for IoT devices
3.1 Certificate-based internet security
3.2 Certificate requirements for IoT devices.
3.3 Scenario
3.4 Threat model
Chapter 4 LightCert
4.1 Reduced format
4.2 Certificate registration
4.3 Handshaking
4.4 Certificate exchange
4.4.1 IoT subnet scenario
4.4.2 Out-bound certificates from the IoT Subnet
4.4.3 In-bound certificates to the IoT Subnet
Chapter 5 Evaluation
5.1 Certificate sets
5.2 Certificate reduction rate
5.3 Energy consumption & Latency
CHAPTER 6 Conclusion