Principles of Secure BootStrapping for IoT
PI: Ninghui Li; Researchers: Syed Hussain (Post Doc), Weicheng Wang (Graduate Student)
HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.
Policy.
PUBLICATIONS
Papers written as a result of your research from the current quarter only.
KEY HIGHLIGHTS
- We have designed an enhanced bootstrapping protocol for Zigbee. This protocol prevents a wide range of attacks. Specifically, we have rigorously analyzed the current security and privacy posture of the Zigbee protocol specification. Our investigation has uncovered a number of critical security and privacy issues in the connection establishment (also known as the 'joining') procedure of Zigbee protocol. To mitigate these issues, we have also designed and implemented an enhanced connection establishment procedure. In this solution, we leverage the existing installation code mechanism to use it as public-key cryptography and combine it with the Elliptic-Curve Diffie-Hellman (ECDH) mechanism to ensure better security and privacy guarantees.
COMMUNITY ENGAGEMENTS
EDUCATIONAL ADVANCES:
- A PhD student is supported on the project. In addition, a postdoctoral fellow, who plans to go into the academia, is being partially supported.
Groups: