Abstract
This paper provides a concise analysis of information security issues in the context of the Internet of Things networks and describes examples of IoT-oriented security solutions. It contains a brief introduction to the IoT concept and commonly used information security techniques. It defines basic requirements that must be met by the IoT secure communication system and presents an architecture of the IoT certificate management system. It then describes the proposition of a simple IoT security system based on already defined requirements, which may be used in small IoT deployments. Possible improvements and expansions of that system, that would enable it to be deployed in bigger and complex IoT networks, are also discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Perera, C., Liu, C.H., Jayawardena, S.: The emerging internet of things marketplace from an industrial perspective: a survey. IEEE Trans. Emerg. Top. Comput. 585–598 (2015). https://doi.org/10.1109/TETC.2015.2390034
IBM Industries Blog: The little-known story of the first IoT device. https://www.ibm.com/blogs/industries/little-known-story-first-iot-device. Accessed 15 Apr 2020
Aumasson, J.-P.: Serious Cryptography: A Practical Introduction to Modern Encryption. No Starch Press, San Francisco (2018)
Goworko, M.: Secure communication system for the Internet of Things. B.S. thesis, The Faculty of Electronics and Information Technology, Warsaw University of Technology, Warsaw, Poland (2019)
Garcia-Morchon, O., Kumar, S., Sethi, M.: Internet of Things (IoT) Security: State of the Art and Challenges. RFC Editor (2019). http://doi.org/10.17487/RFC8576
Wytrębowicz, J.: Key-server adaptation to IoT systems. In: SENSORNETS 2018 - Proceedings of the 7th International Conference on Sensor Networks, pp. 155–160 (2018). https://doi.org/10.5220/0006670201550160. http://www.scitepress.org/PublicationsDetail.aspx?ID=Rw+kLnOBBEI=&t=1
Mena, D.M., Papapanagiotou, I., Yang, B.: Internet of things: survey on security. Inf. Secur. J. Glob. Perspect. 27, 162–182 (2018). https://doi.org/10.1080/19393555.2018.1458258
Moore, K., Barnes, R., Tschofenig, H.: Best current practices for securing internet of things (IoT) devices. Internet Eng. Task Force (2017). https://tools.ietf.org/html/draft-moore-iot-security-bcp-01
Bradner, S.: RFC2119: Key words for use in RFCs to Indicate Requirement Levels. RFC Editor (1997). http://doi.org/10.17487/rfc2119
Barker, E.: Recommendation for Key Management – Part 1: General. NIST Spec. Publ. 800-57, pp. 51–54 (2016). http://doi.org/10.6028/NIST.SP.800-57pt3r1
Fossati, T.: Transport Layer Security (TLS)/Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things. RFC Editor (2016). http://doi.org/10.17487/rfc7925
Schaad, J.: CBOR Object Signing and Encryption (COSE). RFC Editor (2017). http://doi.org/10.17487/rfc8152
Qin, B., Huang, J., Wang, Q., Luo, X., Liang, B., Shi, W.: Cecoin: a decentralized PKI mitigating MitM attacks. Future Gener. Comput. Syst. 107, 805–815 (2020). https://doi.org/10.1016/j.future.2017.08.025
Fang, W., Chen, W., Zhang, W., Pei, J., Gao, W., Wang, G.: Digital signature scheme for information non-repudiation in blockchain: a state of the art review. EURASIP J. Wirel. Commun. Netw. (2020). http://doi.org/10.1186/s13638-020-01665-w
Joński, P.: Certificate registration system (CeReS). M.S. thesis, The Faculty of Electronics and Information Technology, Warsaw University of Technology, Warsaw, Poland (2019)
Sosinowicz, J.: Web of trust certificate for embedded devices. M.S. thesis, The Faculty of Electronics and Information Technology, Warsaw University of Technology, Warsaw, Poland (2019)
Forsby, F., Furuhed, M., Papadimitratos, P., Raza, S.: Lightweight X.509 digital certificates for the internet of things. In: Interoperability, Safety and Security in IoT, pp. 123–133. Springer (2018). https://doi.org/10.1007/978-3-319-93797-7_14
Bormann, C., Hoffman, P.: Concise Binary Object Representation (CBOR). RFC Editor (2013). http://doi.org/10.17487/rfc7049
Truskovsky, A., Van Geest, D., Fluhrer, S., Kampanakis, P., Ounsworth, M., Mister, S.: Multiple public-key algorithm X.509 certificates. Internet Eng. Task Force (2018). https://datatracker.ietf.org/doc/html/draft-truskovsky-lamps-pq-hybrid-x509-01
Turner, S., Brown, D., Yiu, K., Housley, R., Polk, T.: Elliptic Curve Cryptography Subject Public Key Information. RFC Editor (2009). http://doi.org/10.17487/rfc5480
Zhu, Q., Wang, R., Chen, Q., Liu, Y., Qin, W.: IOT gateway: bridging wireless sensor networks into internet of things. In: 2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, pp. 347–352. IEEE Press (2010). https://doi.org/10.1109/euc.2010.58
Chen, H., Jia, X., Li, H.: A brief introduction to IoT gateway. In: IET International Conference on Communication Technology and Application (ICCTA 2011), pp. 610–613. IET (2011). https://doi.org/10.1049/cp.2011.0740
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Wytrębowicz, J., Goworko, M. (2021). IoT Cryptosecurity: Overview and Potential Solutions. In: Barolli, L., Poniszewska-Maranda, A., Park, H. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing . IMIS 2020. Advances in Intelligent Systems and Computing, vol 1195. Springer, Cham. https://doi.org/10.1007/978-3-030-50399-4_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-50399-4_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50398-7
Online ISBN: 978-3-030-50399-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)