| Title | Tailoring Onion Routing to the Internet of Things: Security and Privacy in Untrusted Environments |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Hiller, Jens, Pennekamp, Jan, Dahlmanns, Markus, Henze, Martin, Panchenko, Andriy, Wehrle, Klaus |
| Conference Name | 2019 IEEE 27th International Conference on Network Protocols (ICNP) |
| Keywords | computer network security, cryptographic processing, cryptographic protocols, cryptography, data privacy, end-to-end security, Internet connectivity, Internet of Things, IoT communication, IoT device owner, Metrics, protocol incompatibilities, Protocols, pubcrawl, resilience, Resiliency, resource-conserving access control, resource-constrained IoT devices, Router Systems Security, Routing, secret supply chain procedures, Servers, tailoring onion routing, telecommunication control, untrusted environments, untrusted networks, Web server |
| Abstract | An increasing number of IoT scenarios involve mobile, resource-constrained IoT devices that rely on untrusted networks for Internet connectivity. In such environments, attackers can derive sensitive private information of IoT device owners, e.g., daily routines or secret supply chain procedures, when sniffing on IoT communication and linking IoT devices and owner. Furthermore, untrusted networks do not provide IoT devices with any protection against attacks from the Internet. Anonymous communication using onion routing provides a well-proven mechanism to keep the relationship between communication partners secret and (optionally) protect against network attacks. However, the application of onion routing is challenged by protocol incompatibilities and demanding cryptographic processing on constrained IoT devices, rendering its use infeasible. To close this gap, we tailor onion routing to the IoT by bridging protocol incompatibilities and offloading expensive cryptographic processing to a router or web server of the IoT device owner. Thus, we realize resource-conserving access control and end-to-end security for IoT devices. To prove applicability, we deploy onion routing for the IoT within the well-established Tor network enabling IoT devices to leverage its resources to achieve the same grade of anonymity as readily available to traditional devices. |
| DOI | 10.1109/ICNP.2019.8888033 |
| Citation Key | hiller_tailoring_2019 |
Tailoring Onion Routing to the Internet of Things: Security and Privacy in Untrusted Environments