EXCHANge: Securing IoT via channel anonymity

Savio Sciancalepore, Gabriele Oligeri, Giuseppe Piro, Gennaro Boggia, Roberto Di Pietro

Research output: Contribution to journalArticlepeer-review

15 Scopus citations

Abstract

Establishing confidentiality between communicating peers is still an issue in contexts where solutions based on asymmetric keys are not viable, such as in dynamic Internet of Things (IoT) systems made up of heterogeneous and resource constrained devices. From the current literature, channel anonymity emerges as a promising methodology able to support key-establishment protocols. But, to the best of authors’ knowledge, no works already demonstrated its practical adoption over a concrete communication technology. To bridge this gap, we experimentally show that a lightweight key-establishment protocol based on channel anonymity is viable. The contributions of this work are mainfold. First, we introduce EXCHANge, a protocol that achieves key-establishment exploiting channel anonymity despite the presence of either a passive or active global-eavesdropper adversary. Second, we evaluate the performance of EXCHANge through an extensive experimental campaign involving real world IoT devices (OpenMote-CC2538). Our results demonstrate that the proposed solution introduces a limited overhead, thus being able to meet the requirements of resource constrained devices Finally, we experimentally demonstrate the security of the EXCHANge protocol against passive and active adversaries. Overall, this paper proves that channel anonymity can be a powerful tool in the IoT setting, to achieve a secure, effective, and efficient key-establishment.
Original languageEnglish (US)
Pages (from-to)14-29
Number of pages16
JournalComputer Communications
Volume134
DOIs
StatePublished - Jan 15 2019
Externally publishedYes

Bibliographical note

Generated from Scopus record by KAUST IRTS on 2023-09-20

Fingerprint

Dive into the research topics of 'EXCHANge: Securing IoT via channel anonymity'. Together they form a unique fingerprint.

Cite this