Many Internet-connected appliances are often moved to different environments, such as when they are re-located. And even when they are buried in a given physical environment, their ownership "moves", such as when a home or smart space changes hands. This calls for roaming-friendly IoT authentication devised to circumvent the need to deploy long-term authentication credentials across different visited domains. Noting that this issue has been very extensively addressed since at least three decades in cellular network, in this paper we integrate, within the RIOT IoT Operating system, an authentication and key agreement protocol designed to be as close as possible to the standard one used by 4G/5G cellular systems. Our design accounts for a few technical improvements made possible since, unlike the case of cellular networks, we are here free from back-ward compatibility issues. Our proof-of-concept implementation is built on COAP for the radio interface, and on HTTPS for the core network signaling parts, and can be further configured to use two different types of secret keys: pre-shared or on-demand, (re)generated via a SRAM-PUF API available in RIOT.
Bianchi, G., La Rosa, A., Restuccia, G. (2021). RIOT-AKA: cellular-like authentication over IoT devices. In Proceedings - International Conference on Network Protocols, ICNP (pp. 1-6). 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA : IEEE Computer Society [10.1109/icnp52444.2021.9651952].
RIOT-AKA: cellular-like authentication over IoT devices
Bianchi, Giuseppe;Restuccia, Gabriele
2021-01-01
Abstract
Many Internet-connected appliances are often moved to different environments, such as when they are re-located. And even when they are buried in a given physical environment, their ownership "moves", such as when a home or smart space changes hands. This calls for roaming-friendly IoT authentication devised to circumvent the need to deploy long-term authentication credentials across different visited domains. Noting that this issue has been very extensively addressed since at least three decades in cellular network, in this paper we integrate, within the RIOT IoT Operating system, an authentication and key agreement protocol designed to be as close as possible to the standard one used by 4G/5G cellular systems. Our design accounts for a few technical improvements made possible since, unlike the case of cellular networks, we are here free from back-ward compatibility issues. Our proof-of-concept implementation is built on COAP for the radio interface, and on HTTPS for the core network signaling parts, and can be further configured to use two different types of secret keys: pre-shared or on-demand, (re)generated via a SRAM-PUF API available in RIOT.
| File | Dimensione | Formato | |
|---|---|---|---|
|
RIOT-AKA_cellular-like_authentication_over_IoT_devices.pdf
Solo gestori archvio
Tipologia:
Versione Editoriale
Dimensione
1.75 MB
Formato
Adobe PDF
|
1.75 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
