RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air

Nikbakht Bideh, Pegah; Gehrmann, Christian

RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air

Mark

Nikbakht Bideh, Pegah ^LU

and Gehrmann, Christian ^LU (2022) 4th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2022 p.35-46

Abstract: Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe though that most prior art solutions are public key-based, they are not flexible with respect to firmware image distribution principles and it is challenging to make a design with good Denial-Of-Service (DoS) attacks resistance. Apart from often being rather resource demanding, a limitation with current public key-based solutions is that they are... (More); Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe though that most prior art solutions are public key-based, they are not flexible with respect to firmware image distribution principles and it is challenging to make a design with good Denial-Of-Service (DoS) attacks resistance. Apart from often being rather resource demanding, a limitation with current public key-based solutions is that they are not quantum computer resistant. Hence, in this paper, we take a new look into the firmware upgrade problem and propose RoSym, a secure, firmware distribution principle agnostic, and DoS protected upgrade mechanism purely based on symmetric cryptography. We present an experimental evaluation on a real testbed environment for the scheme. The results show that the scheme is efficient in comparison to other state of the art solutions. We also make a formal security verification of RoSym showing that it is robust against different attacks. (Less)

Please use this url to cite or link to this publication: https://lup.lub.lu.se/record/a29d7402-e6b3-4978-8beb-8aefd0374d24

author

Nikbakht Bideh, Pegah ^LU

and Gehrmann, Christian ^LU

organization

publishing date

2022-11-07

type

Chapter in Book/Report/Conference proceeding

publication status

published

subject

keywords

Over-The-Air, IoT, Secure code dissemination, Protected software upgrade

host publication

Proceedings of the 4th Workshop on CPS and IoT Security and Privacy : CPSIoTSec 2022 - CPSIoTSec 2022

pages

35 - 46

publisher

Association for Computing Machinery (ACM)

conference name

4th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2022

conference location

Los Angeles, United States

conference dates

2022-11-07 - 2022-11-11

external identifiers

scopus:85144826069

ISBN

978-1-4503-9876-3

DOI

10.1145/3560826.3563381

project

Cyber Security for Next Generation Factory (SEC4FACTORY)

language

English

LU publication?

yes

id

a29d7402-e6b3-4978-8beb-8aefd0374d24

date added to LUP

2022-09-24 15:55:51

date last changed

2023-04-06 00:25:49

@inproceedings{a29d7402-e6b3-4978-8beb-8aefd0374d24,
  abstract     = {{Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe though that most prior art solutions are public key-based, they are not flexible with respect to firmware image distribution principles and it is challenging to make a design with good Denial-Of-Service (DoS) attacks resistance. Apart from often being rather resource demanding, a limitation with current public key-based solutions is that they are not quantum computer resistant. Hence, in this paper, we take a new look into the firmware upgrade problem and propose RoSym, a secure, firmware distribution principle agnostic, and DoS protected upgrade mechanism purely based on symmetric cryptography. We present an experimental evaluation on a real testbed environment for the scheme. The results show that the scheme is efficient in comparison to other state of the art solutions. We also make a formal security verification of RoSym showing that it is robust against different attacks.}},
  author       = {{Nikbakht Bideh, Pegah and Gehrmann, Christian}},
  booktitle    = {{Proceedings of the 4th Workshop on CPS and IoT Security and Privacy : CPSIoTSec 2022}},
  isbn         = {{978-1-4503-9876-3}},
  keywords     = {{Over-The-Air; IoT; Secure code dissemination; Protected software upgrade}},
  language     = {{eng}},
  month        = {{11}},
  pages        = {{35--46}},
  publisher    = {{Association for Computing Machinery (ACM)}},
  title        = {{RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air}},
  url          = {{https://lup.lub.lu.se/search/files/124489472/IoT_update_CCSW.pdf}},
  doi          = {{10.1145/3560826.3563381}},
  year         = {{2022}},
}

Lund University Publications

LUND UNIVERSITY LIBRARIES

RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air