Abstract
This paper proposes a solution for low-cost consumer IoT devices to employ end-to-end security without requiring additional hardware. Manufacturers of consumer IoT devices often sacrifice security in favour of features, user-friendliness, time to market or cost, in order to stay ahead of their competitors. However, this is unwise, as demonstrated by recent hacks on consumer IoT devices. Low-cost embedded devices struggle to create suitable entropy for key generation; on the other hand, smartphones are both abundant and have multiple sources of entropy for strong key generation. The proposed architecture takes advantage of these properties and offloads key generation and transfer to the user’s smartphone, removing the need for constrained IoT devices to perform public key infrastructure and generate symmetric keys. The authors implemented the design on a $1 general-purpose microcontroller and then analysed the performance. The design allows all communication to and from the device to be encrypted while being simple to setup, low-cost and responsive without any additional manufacturing cost. The architecture presents a general solution, which could be implemented on any microcontroller. Since the architecture does not require any additional hardware, it can be retroactively applied to deployed devices through a firmware update.
Highlights
Recent developments in consumer behaviour have driven an increase in the market for Home Automation devices
Automated systems have been available for many years, as technology has improved, and the cost of devices and difficulty of installation has decreased, consumer Internet of Things (IoT) devices have seen a rapid increase in demand, in a domestic setting [1]
We have shown that with our scheme there would be less than 25 ms delay in responsiveness due to the encryption overhead
Summary
Recent developments in consumer behaviour have driven an increase in the market for Home Automation devices. These devices promise to make our lives more convenient and automated. Automated systems have been available for many years, as technology has improved, and the cost of devices and difficulty of installation has decreased, consumer Internet of Things (IoT) devices have seen a rapid increase in demand, in a domestic setting [1]. This convenience and lowcost comes with a risk.
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call