Abstract
Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.
Highlights
The Internet of Things (IoT) refers to a paradigm where physical devices are interconnected using a communication network that allows for real-time data exchange and control
It is important to note that both cipher suites use Elliptic Curve Cryptography (ECC) in the key-exchange process (i.e., Elliptic curve Diffie–Hellman Ephemeral (ECDHE)), but the key signing and verifying processes are carried out using RSA and Elliptic Curve Digital Signature Algorithm (ECDSA), respectively
It can be stated that even a small difference in energy consumption and computational load results in a huge impact on IoT gateways, especially on the ones with a constrained power supply, so determining the best way of securing their communications is a critical step for a successful and broad deployment
Summary
The Internet of Things (IoT) refers to a paradigm where physical devices (e.g., home appliances, environmental sensors and actuators, vehicles) are interconnected using a communication network that allows for real-time data exchange and control. IoT nodes and intermediate devices implement heterogeneous protocols; the IoT fog paradigm relies on the gateways to translate between them and allow for the data aggregation needed to provide the required services. In an IoT fog computing scenario, Transport Layer Security (TLS) arises as one of the best positioned candidates, but it has the problem that most popular standard ciphering suites available were not designed having in mind the limitations of resource-constrained and battery-operated devices. This fact has been changing in the last years, since lighter and more future-proof alternatives are being supported and implemented widely by the standard.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.