How to enable lightweight secure bootstrap and message attestation in the Internet of Things?
Internet of Things (IoT) offers new opportunities for business, technology and science into an highly connected world, but inherent characteristics of IoT made of numerous resource-constrained devices from various origins, also raises new challenges in terms of security and privacy.
This talk focuses on solving the problem of trust establishment for IoT by proposing a security solution that consists of a secure bootstrap mechanism for device identification as well as a message attestation mechanism for aggregate response validation.
To achieve security and privacy requirements, the problem is approached in a confined environment, named SubNets of Things (SNoT), where multiple devices depend on it. In this context, devices are uniquely and securely identified thanks to their environment and their role within it. Additionally, the underlying message authentication technique features signature aggregation and hence, generates one compact response on behalf of all devices in the subnet.