Dynamic Reduced-Round TLS Extension for Secure and Energy-Saving Communication of IoT Devices

Abstract

The security of wireless Internet of Things (IoT) communication is a complex challenge due to not only growing attack surfaces and threats but also the limitations of energy consumption. As a significant portion of the IoT market is composed of both security- and energy-critical sectors, e.g., smart homes and e-health, there is a pressing demand for solutions to secure billions of IoT devices while minimizing energy footprint. To this end, this article proposes a transport layer security (TLS) extension to integrate a lightweight and self-monitored mechanism that dynamically balances communication security and power consumption according to the IoT device’s current battery level. Integrated within the TLSv1.3 protocol, the secure extension automatically adjusts the encryption round number of the negotiated cipher according to an operator-defined policy while ensuring the minimum required security level. A Proof-of-Concept (PoC) has been implemented on the wolfSSL library and a real-world IoT platform, on which the performance of the proposed mechanism has been reported for various lightweight ciphers. The results showed an energy reduction of encryptions by 57.1% and a battery saving of 9.4% when encrypting at 4 kBps with reduced-round encryption, demonstrating the potential of the proposed extension into the TLS protocol.