Since the initial visions proposed in the SmartDust project fifteen years ago, Wireless Sensor Networks have seen a tremendous development, leading to the realization of the Internet of Things (IoT). Today, there is a large variety of hardware and software to choose from that is easy to set up and use. Even though there is an increasing number of real-world applications that employ large deployments of IoT devices, the wireless nature of communication in combination with the low-end capabilities of the devices raises security and privacy issues that have not been properly addressed. Considering also that sensor node brands are very different in their capabilities, providing a single solution is very challenging. In this paper we adopt Elliptic Curve Cryptography (ECC) as an attractive alternative to conventional public key cryptography, such as RSA. ECC is an ideal candidate for implementation on constrained devices where the major computational resources, i.e., speed, memory are limited and low-power wireless communication protocols are employed. That is because it attains the same security levels with traditional cryptosystems using smaller parameter sizes. We provide a generic implementation of ECC that runs on different host operating systems, such as Contiki, TinyOS, iSenseOS, ScatterWeb and Arduino. Furthermore, it runs on smartphone platforms such as Android and iPhone and also any linux based systems (e.g., raspberryPi). Our implementation does not contain any platform-specific specializations, allowing a single implementation to run natively on heterogeneous networks. We look into the Smart Parking application domain and provide a solution that protects the privacy of the users by totally avoiding the exchange of confidential information. We also show how to protect a user's privacy by adapting the tool of zero knowledge proofs (ZKP) with our ECC implementation. We study the performance of our system in an real-world outdoor IoT testbed and analyze the execution time and network overhead for each available hardware platform. Our code is available as open source software and can be used from developers who wish to achieve certain levels of security and privacy in their applications.
A privacy-preserving smart parking system using an IoT elliptic curve based security platform / Chatzigiannakis, Ioannis; Vitaletti, Andrea; Pyrgelis, Apostolos. - In: COMPUTER COMMUNICATIONS. - ISSN 0140-3664. - STAMPA. - 89-90:(2016), pp. 165-177. [10.1016/j.comcom.2016.03.014]
A privacy-preserving smart parking system using an IoT elliptic curve based security platform
CHATZIGIANNAKIS, IOANNIS
;VITALETTI, Andrea;
2016
Abstract
Since the initial visions proposed in the SmartDust project fifteen years ago, Wireless Sensor Networks have seen a tremendous development, leading to the realization of the Internet of Things (IoT). Today, there is a large variety of hardware and software to choose from that is easy to set up and use. Even though there is an increasing number of real-world applications that employ large deployments of IoT devices, the wireless nature of communication in combination with the low-end capabilities of the devices raises security and privacy issues that have not been properly addressed. Considering also that sensor node brands are very different in their capabilities, providing a single solution is very challenging. In this paper we adopt Elliptic Curve Cryptography (ECC) as an attractive alternative to conventional public key cryptography, such as RSA. ECC is an ideal candidate for implementation on constrained devices where the major computational resources, i.e., speed, memory are limited and low-power wireless communication protocols are employed. That is because it attains the same security levels with traditional cryptosystems using smaller parameter sizes. We provide a generic implementation of ECC that runs on different host operating systems, such as Contiki, TinyOS, iSenseOS, ScatterWeb and Arduino. Furthermore, it runs on smartphone platforms such as Android and iPhone and also any linux based systems (e.g., raspberryPi). Our implementation does not contain any platform-specific specializations, allowing a single implementation to run natively on heterogeneous networks. We look into the Smart Parking application domain and provide a solution that protects the privacy of the users by totally avoiding the exchange of confidential information. We also show how to protect a user's privacy by adapting the tool of zero knowledge proofs (ZKP) with our ECC implementation. We study the performance of our system in an real-world outdoor IoT testbed and analyze the execution time and network overhead for each available hardware platform. Our code is available as open source software and can be used from developers who wish to achieve certain levels of security and privacy in their applications.| File | Dimensione | Formato | |
|---|---|---|---|
|
Chatzigiannakis_A-privacy-preserving_2016.pdf
solo gestori archivio
Note: https://doi.org/10.1016/j.comcom.2016.03.014
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.81 MB
Formato
Adobe PDF
|
1.81 MB | Adobe PDF | Contatta l'autore |
|
Chatzigiannakis_preprint_A-privacy-preserving_2016.pdf
accesso aperto
Note: https://doi.org/10.1016/j.comcom.2016.03.014
Tipologia:
Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
3.92 MB
Formato
Adobe PDF
|
3.92 MB | Adobe PDF |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
