RESCURE: A security solution for IoT life cycle

Georgios Selimis, Rui Wang, Roel Maes, Geert Jan Schrijen, Mario Münzer, Stefan Ilić, Frans M.J. Willems, Lieneke Kusters

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Abstract

We present RESCURE, a security solution built on software, which retrofits Internet of Things (IoT) devices to secure ones. RESCURE exploits the entropy originating from the random variations of silicon (transistors) during manufacturing and generates a unique unforgeable root key and an identity per device. In this way, root key and identity are inseparable from the IoT hardware. To achieve lifetime reliability (reproducibility) and security (randomness) for root key and identity, we apply error correcting and randomness amplification algorithms to the signals derived from silicon. RESCURE supports certificates which are able to prove the device identity and authenticity. RESCURE supports multiple keys derivation (private keys or private/public key pairs) and End-to-End security. In this way an IoT device is able to communicate securely and independently with multiple actors (e.g., Service Providers). It supports secure storage so it is able to encrypt sensitive data such as application keys, sensitive data or software Intellectual Properties (IP). Finally, the entire device software is protected by secure boot and secure software update mechanisms allowing for malware-free software execution and renewable security and features. RESCURE has been prototyped on an ST32L4 device and its performance is presented across real use case scenarios covering the entire life cycle of the device. It is a low-cost solution for all the devices manufacturers that want to achieve high standard security without redesigning the hardware of their IoT product.

Original languageEnglish
Title of host publicationProceedings of the 15th International Conference on Availability, Reliability and Security, ARES 2020
PublisherAssociation for Computing Machinery, Inc
ISBN (Electronic)9781450388337
DOIs
Publication statusPublished - 25 Aug 2020
Event15th International Conference on Availability, Reliability and Security, ARES 2020 - Virtual, Online, Ireland
Duration: 25 Aug 202028 Aug 2020

Publication series

NameACM International Conference Proceeding Series

Conference

Conference15th International Conference on Availability, Reliability and Security, ARES 2020
CountryIreland
CityVirtual, Online
Period25/08/2028/08/20

Keywords

  • Authentication
  • End-to-end
  • IoT
  • IoT to cloud
  • IP protection
  • Lifecycle security
  • Unforgeable keys

Fingerprint Dive into the research topics of 'RESCURE: A security solution for IoT life cycle'. Together they form a unique fingerprint.

Cite this