Sizzle: SSL on Motes
Vipul Gupta, Sun Labs
(Joint work with S. Chang Shantz, H. Eberle, S. Fung*, N. Gura, M. Millard*, A. Patel*, A. Wander*, M. Wurm*, Y. Zhu*)
*Student intern
CENTS Retreat, Granlibakken Conference Center, Tahoe City, Jan 12-14, 2005
SSL on Motes (The World's Smallest Secure Web Server)
This presentation describes Sizzle, the world’s smallest secure web server. It runs on coin-sized, wireless devices called Motes (8-bit CPU, 4KB RAM) which are the de-facto standard platform for sensor networks research in academia and industry. Prior security research deemed public-key cryptography and, therefore, Internet standards like SSL that rely on it infeasible for such devices.
This research was described as the “biggest breakthrough in sensor network security in [2004]”, by Berkeley Prof. David Wagner and won the Mark Weiser Best Paper Award at PerCom 2005.
Transcript
2
Outline
• Sensor network security background
• Elliptic Curve Cryptography (ECC) overview
• Sizzle (Slim SSL) – HTTPS server on motes
• Demo
• Conclusion
3
Sensor Network Security
• General perception: public-key cryptography is impractical
• Previous symmetric-key based approaches:
  • Key distribution problem
  • Link level security (not end-to-end)
  • Compromising a few nodes jeopardizes security of entire network
• Sizzle: Standards-based end-to-end security architecture (ECC + SSL)
4
Elliptic Curve Cryptography
• Computationally highly efficient public-key cryptosystem, highest security strength per bit
• Savings in memory,
Reduces cost of public-key operation in full handshake
[Chart labels: Handshake, Data Transfer]
11
Performance Details (Session Reuse)
Eliminates public-key operation, still incurs cost of abbreviated handshake
[Chart labels: Handshake, Data Transfer]
NOTE: In data transfer phase, bulk encryption/authentication overhead is dwarfed by transmission time.
12
Performance Details (Persistent HTTPS)
• Amortizes the cost of an SSL handshake (full or abbreviated) across multiple data transfers
[Sequence diagram between Client, Gateway and Mote, with a vertical Time axis. Labels: Connect to Mote; SSL Handshake; Establish TCP; HTTP Request and Response n; HTTP Request and Response n+1; HTTP Request and Response n+2]
13
Sizzle Demonstration
• ECC-enabled Mozilla communicating with Sizzle
• Secure monitoring and control of a “wireless thermostat”
• Comparison of ECC v/s RSA-based handshake
• Impact of session reuse and persistent HTTP(S)
14
Takeaway
Elliptic Curve Cryptography (ECC) makes public-key cryptography feasible on mote-like devices and creates the opportunity to reuse standard security protocols on the “embedded” Internet.
15
References
• V. Gupta et al., “Sizzle: A Standards-based end-to-end Security Architecture for the Embedded Internet”, PerCom 2005, Mar. 2005*
• N. Gura et al., “Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs”, CHES 2004, Aug. 2004
• V. Gupta et al., “ECC Cipher Suites for TLS”, IETF internet-draft, Dec. 2004
• V. Gupta et al., “Integrating Elliptic Curve Cryptography into the Web’s Security Infrastructure”, WWW 2004, May 2004