Using smartphones to enable low-cost secure consumer IoT devices

Research output: Contribution to journalArticle

13 Downloads (Pure)

Abstract

This paper proposes a solution for low-cost consumer IoT devices to employ end-to-end security without requiring additional hardware. Manufacturers of consumer IoT devices often sacrifice security in favour of features, user-friendliness, time to market or cost, in order to stay ahead of their competitors. However, this is unwise, as demonstrated by recent hacks on consumer IoT devices. Low-cost embedded devices struggle to create suitable entropy for key generation; on the other hand, smartphones are both abundant and have multiple sources of entropy for strong key generation. The proposed architecture takes advantage of these properties and offloads key generation and transfer to the user's smartphone, removing the need for constrained IoT devices to perform public key infrastructure and generate symmetric keys. The authors implemented the design on a \$1 general-purpose microcontroller and then analysed the performance. The design allows all communication to and from the device to be encrypted while being simple to setup, low-cost and responsive without any additional manufacturing cost. The architecture presents a general solution, which could be implemented on any microcontroller. Since the architecture does not require any additional hardware, it can be retroactively applied to deployed devices through a firmware update.
Original languageEnglish
Pages (from-to)28607-28613
Number of pages7
JournalIEEE Access
Volume8
DOIs
Publication statusPublished - 27 Jan 2020

Keywords

  • internet of things
  • security
  • encryption
  • wireless communication
  • microcontrollers

Fingerprint Dive into the research topics of 'Using smartphones to enable low-cost secure consumer IoT devices'. Together they form a unique fingerprint.

  • Cite this