Point of contact
- Benjamin Smith, INRIA-Saclay
- Maryline Laurent, SAMOVAR-Telecom SudParis
Summary
Even well-established techniques and principles in Cybersecurity take on a new dimension when we move from the world of the classical internet to the Internet of Things (IoT).
On one hand, the extremely limited resources of low-end IoT devices – severely limited computational power and memory, intermittent connectivity, and above all, extremely strict constraints on energy and battery use – render many cutting-edge techniques inapplicable. On the other hand, the overwhelming scale and heterogeneity of IoT – there are no dominant platforms, operating systems, or even hardware architectures – means that there can be no one-size-fits-all solution to common, well-identified, and even universal security problems. Even the simplest tasks, like secure software updates and cryptographic key management, both of which are taken for granted in real-world Cybersecurity, become hard problems and the subject of active research when we move to low-end IoT devices.
Formal methods therefore have a crucial role in the security analysis of existing IoT systems, and in the development of new, secure replacements.
Keywords
low-end IoT devices, secure software updates, key management
Researchers involved or interested
- Maryline Laurent, Samovar
- Jean Leneutre, LTCI
- Olivier Levillain, Samovar
- Rida Khatoun, LTCI
- Houda Labiod, LTCI
- Pascal Urien, LTCI
- Benjamin Smith, GRACE
A few references
- K. Zandberg et al., Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check. IEEE Access, vol. 7, pp. 71907-71920, 2019.
- J. Renes and B. Smith, qDSA: Small and Secure Digital Signatures with Curve-based Diffie-Hellman Key pairs. ASIACRYPT 2017.