RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air

Research output: Chapter in Book/Report/Conference proceedingPaper in conference proceedingpeer-review

72 Downloads (Pure)

Abstract

Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe though that most prior art solutions are public key-based, they are not flexible with respect to firmware image distribution principles and it is challenging to make a design with good Denial-Of-Service (DoS) attacks resistance. Apart from often being rather resource demanding, a limitation with current public key-based solutions is that they are not quantum computer resistant. Hence, in this paper, we take a new look into the firmware upgrade problem and propose RoSym, a secure, firmware distribution principle agnostic, and DoS protected upgrade mechanism purely based on symmetric cryptography. We present an experimental evaluation on a real testbed environment for the scheme. The results show that the scheme is efficient in comparison to other state of the art solutions. We also make a formal security verification of RoSym showing that it is robust against different attacks.
Original languageEnglish
Title of host publicationProceedings of the 4th Workshop on CPS and IoT Security and Privacy
Subtitle of host publicationCPSIoTSec 2022
PublisherAssociation for Computing Machinery (ACM)
Pages35-46
ISBN (Print)978-1-4503-9876-3
DOIs
Publication statusPublished - 2022 Nov 7
Event4th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2022 - Los Angeles, United States
Duration: 2022 Nov 72022 Nov 11

Workshop

Workshop4th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2022
Country/TerritoryUnited States
CityLos Angeles
Period2022/11/072022/11/11

Subject classification (UKÄ)

  • Computer Science
  • Computer Systems

Free keywords

  • Over-The-Air
  • IoT
  • Secure code dissemination
  • Protected software upgrade

Fingerprint

Dive into the research topics of 'RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air'. Together they form a unique fingerprint.

Cite this