SlideShare uma empresa Scribd logo

SSL on Motes (The World's Smallest Secure Web Server)

B
benaam

This presentation describes Sizzle, the world’s smallest secure web server. It runs on coin-sized, wireless devices called Motes (8-bit CPU, 4KB RAM) which are the de-facto standard platform for sensor networks research in academia and industry. Prior security research deemed public-key cryptography and, therefore, Internet standards like SSL that rely on it infeasible for such devices. This research was described as the “biggest breakthrough in sensor network security in [2004]”, by Berkeley Prof. David Wagner and won the Mark Weiser Best Paper Award at PerCom 2005.

1 de 16
Baixar para ler offline
Sizzle: SSL on Motes Vipul Gupta, Sun Labs (Joint work with S. Chang Shantz, H. Eberle, S. Fung*, N. Gura, M. Millard*, A. Patel*, A. Wander*, M. Wurm*, Y. Zhu*) *Student intern CENTS Retreat, Granlibakken Conference Center, Tahoe City, Jan 12-14, 2005
Outline • • • • • Sensor network security background Elliptic Curve Cryptography (ECC) overview Sizzle (Slim SSL) – HTTPS server on motes Demo Conclusion 2
Sensor Network Security • General perception: public-key cryptography is impractical • Previous symmetric-key based approaches: • Key distribution problem • Link level security (not end-to-end) • Compromising a few nodes jeopardizes security of entire network • Sizzle: Standards-based end-to-end security architecture (ECC + SSL) 3
Elliptic Curve Cryptography • Computationally highly efficient public-key cryptosystem, highest security strength per bit • Savings in memory, Sym. 80 112 128 192 256 RSA 1,024 2,048 3,072 7,680 15,360 ECC 160 224 256 384 521 Ratio MIPS yrs 1012 6:1 1024 9:1 1028 12:1 1047 20:1 1066 30:1 bandwidth, power • Advantage improves as security needs increase • Endorsed/standardized by NIST, ANSI, IEEE, IETF • Good match for AES More information: http://research.sun.com/projects/crypto/ 4
ECC on Small Devices Berkeley/Crossbow MICA “mote” ECC (8-bit, Atmel ATmega processor, 128KB FLASH, 4KB SRAM, 4KB EEPROM) ECC secp160r1 ECC secp224r1 RSA 1024 (pub**) RSA 1024 (priv) RSA-2048 (pub**) RSA-2048 (priv) Time* (s) 0.81 2.19 0.43 10.99 1.94 83.26 RSA priv 90 80 70 Data bytes 282 422 542 930 1332 1853 Code bytes 3682 4812 1073 6292 2854 7736 * 8MHz Atmel ATmega ** e=65537 More information: Gura et al., CHES 2004 paper Time (sec) Algorithm RSA pub 38x 60 50 40 30 20 13x 10 0 Current Future Security levels 5
Sizzle Overview • World's smallest secure web server • Uses ECC key exchange in SSL* • Interoperates with ECC-enabled Mozilla/Firefox/OpenSSL • Lowers barrier for connecting interesting new devices to the Internet, and controlling/ monitoring them securely *Based on IETF internet-draft draft-ietf-tls-ecc-xx.txt 6
Sizzle Features • Uses 160-bit ECC (on curve secp160r1) • ECDH-ECDSA-RC4-SHA cipher suite • Minimizes SRAM memory usage and SSL handshake overhead, e.g. • Static info stored in program memory • Small session identifiers, certs • Implements session reuse, persistent HTTP(S) 7
Sizzle Architecture and Statistics Gateway Sensors/ Actuators Monitoring station TCP/IP RS232 Sizzle on “mote” End-to-end security with SSL • Memory usage from objdump: ~3KB (RAM), ~60KB (FLASH) on Mica2 mote • Page load time in sec (450-byte HTTPS transfer on Mica2 w/ Tiny OS 1.1.6): Full Handshake RSA ECC 16.8 4.9 Session Persistent Reuse HTTP(S) 2.9 1.1 Plain HTTP 0.9 8
Performance Details (RSA) RSA decryption dominates Handshake Data Transfer 9
Performance Details (ECC) Reduces cost of public-key operation in full handshake Handshake Data Transfer 10
Performance Details (Session Reuse) Eliminates public-key operation, still incurs cost of abbreviated handshake Handshake Data Transfer NOTE: In data transfer phase, bulk encryption/authentication overhead is dwarfed by transmission time. 11
Performance Details (Persistent HTTPS) • Amortizes the cost of an SSL handshake (full or abbreviated) across multiple data transfers Gateway Client Mote Time Establish TCP Connect to Mote SSL Handshake HTTP Request and Response n HTTP Request and Response n+1 HTTP Request and Response n+2 12
Sizzle Demonstration • ECC-enabled Mozilla communicating with Sizzle • Secure monitoring and control of a “wireless thermostat” • Comparison of ECC v/s RSA-based handshake • Impact of session reuse and persistent HTTP(S) 13
Takeaway Elliptic Curve Cryptography (ECC) makes public-key cryptography feasible on mote-like devices and creates the opportunity to reuse standard security protocols on the “embedded” Internet. 14
References • V. Gupta et al., “Sizzle: A Standards-based end-to- end Security Architecture for the Embedded Internet”, PerCom 2005, Mar. 2005* • N. Gura et al., “Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs”, CHES 2004, Aug. 2004 • V. Gupta et al., “ECC Cipher Suites for TLS”, IETF internet-draft, Dec. 2004 • V. Gupta et al., "Integrating Elliptic Curve Cryptography into the Web's Security Infrastructure", WWW 2004, May 2004 *Mark Weiser Best Paper Award at PerCom 2005 15
sheueling.chang@sun.com hans.eberle@sun.com vipul.gupta@sun.com nils.gura@sun.com http://research.sun.com/projects/crypto

Recomendados

An Introduction to OpenStack Networking
An Introduction to OpenStack NetworkingAn Introduction to OpenStack Networking
An Introduction to OpenStack NetworkingScott Lowe
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slidesmestery
 
ON.LAB Mininet
ON.LAB MininetON.LAB Mininet
ON.LAB MininetIsabelle Guis
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use caseVietnam Open Infrastructure User Group
 
Contiki Presentation
Contiki PresentationContiki Presentation
Contiki PresentationRahul Dhodapkar
 
Open v switch20150410b
Open v switch20150410bOpen v switch20150410b
Open v switch20150410bRichard Kuo
 
OpenStack Neutron Tutorial
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorialmestery
 
2014 Security Onion Conference
2014 Security Onion Conference2014 Security Onion Conference
2014 Security Onion ConferenceDefensiveDepth
 

Recomendados

An Introduction to OpenStack Networking
An Introduction to OpenStack NetworkingAn Introduction to OpenStack Networking
An Introduction to OpenStack NetworkingScott Lowe
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slidesmestery
 
ON.LAB Mininet
ON.LAB MininetON.LAB Mininet
ON.LAB MininetIsabelle Guis
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use caseVietnam Open Infrastructure User Group
 
Contiki Presentation
Contiki PresentationContiki Presentation
Contiki PresentationRahul Dhodapkar
 
Open v switch20150410b
Open v switch20150410bOpen v switch20150410b
Open v switch20150410bRichard Kuo
 
OpenStack Neutron Tutorial
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorialmestery
 
2014 Security Onion Conference
2014 Security Onion Conference2014 Security Onion Conference
2014 Security Onion ConferenceDefensiveDepth
 
Futex Scaling for Multi-core Systems
Futex Scaling for Multi-core SystemsFutex Scaling for Multi-core Systems
Futex Scaling for Multi-core SystemsDavidlohr Bueso
 
Training open stack networking -neutron
Training open stack networking -neutronTraining open stack networking -neutron
Training open stack networking -neutronHaifeng Yan (颜海峰)
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
Red Hat demo of OpenStack and ODL at ODL summit 2016
Red Hat demo of OpenStack and ODL at ODL summit 2016 Red Hat demo of OpenStack and ODL at ODL summit 2016
Red Hat demo of OpenStack and ODL at ODL summit 2016 RedHatTelco
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networkingyfauser
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Futex ppt
Futex pptFutex ppt
Futex pptOECLIB Odisha Electronics Control Library
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronSana Khan
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and OpenstackDave Neary
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstacksalv_orlando
 
Whats new in Havana--Neutron
Whats new in Havana--NeutronWhats new in Havana--Neutron
Whats new in Havana--NeutronMirantis
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityMiguel Pardal
 
Ovn vancouver
Ovn vancouverOvn vancouver
Ovn vancouverMason Mei
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchmestery
 
Central Iowa Linux Users Group May 2020 Meeting: WireGuard
Central Iowa Linux Users Group May 2020 Meeting: WireGuardCentral Iowa Linux Users Group May 2020 Meeting: WireGuard
Central Iowa Linux Users Group May 2020 Meeting: WireGuardAndrew Denner
 
Practical CNI
Practical CNIPractical CNI
Practical CNILinuxCon ContainerCon CloudOpen China
 
2015 COSCUP SDN Workshop -- SDN Quick Start
2015 COSCUP SDN Workshop -- SDN Quick Start2015 COSCUP SDN Workshop -- SDN Quick Start
2015 COSCUP SDN Workshop -- SDN Quick StartYi Tseng
 
Open stack neutron and opendaylight
Open stack neutron and opendaylightOpen stack neutron and opendaylight
Open stack neutron and opendaylightramgow
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep diveTrinath Somanchi
 
Openstack Trunk Port
Openstack Trunk PortOpenstack Trunk Port
Openstack Trunk Portbenceromsics
 
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Rambus
 
IP Signal Distribution
IP Signal DistributionIP Signal Distribution
IP Signal DistributionrAVe [PUBS]
 

Mais conteúdo relacionado

Mais procurados

Futex Scaling for Multi-core Systems
Futex Scaling for Multi-core SystemsFutex Scaling for Multi-core Systems
Futex Scaling for Multi-core SystemsDavidlohr Bueso
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
Red Hat demo of OpenStack and ODL at ODL summit 2016
Red Hat demo of OpenStack and ODL at ODL summit 2016 Red Hat demo of OpenStack and ODL at ODL summit 2016
Red Hat demo of OpenStack and ODL at ODL summit 2016 RedHatTelco
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networkingyfauser
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronSana Khan
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and OpenstackDave Neary
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstacksalv_orlando
 
Whats new in Havana--Neutron
Whats new in Havana--NeutronWhats new in Havana--Neutron
Whats new in Havana--NeutronMirantis
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityMiguel Pardal
 
Ovn vancouver
Ovn vancouverOvn vancouver
Ovn vancouverMason Mei
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchmestery
 
Central Iowa Linux Users Group May 2020 Meeting: WireGuard
Central Iowa Linux Users Group May 2020 Meeting: WireGuardCentral Iowa Linux Users Group May 2020 Meeting: WireGuard
Central Iowa Linux Users Group May 2020 Meeting: WireGuardAndrew Denner
 
2015 COSCUP SDN Workshop -- SDN Quick Start
2015 COSCUP SDN Workshop -- SDN Quick Start2015 COSCUP SDN Workshop -- SDN Quick Start
2015 COSCUP SDN Workshop -- SDN Quick StartYi Tseng
 
Open stack neutron and opendaylight
Open stack neutron and opendaylightOpen stack neutron and opendaylight
Open stack neutron and opendaylightramgow
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep diveTrinath Somanchi
 
Openstack Trunk Port
Openstack Trunk PortOpenstack Trunk Port
Openstack Trunk Portbenceromsics
 

Mais procurados (20)

Futex Scaling for Multi-core Systems
Futex Scaling for Multi-core SystemsFutex Scaling for Multi-core Systems
Futex Scaling for Multi-core Systems
 
Training open stack networking -neutron
Training open stack networking -neutronTraining open stack networking -neutron
Training open stack networking -neutron
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenes
 
Red Hat demo of OpenStack and ODL at ODL summit 2016
Red Hat demo of OpenStack and ODL at ODL summit 2016 Red Hat demo of OpenStack and ODL at ODL summit 2016
Red Hat demo of OpenStack and ODL at ODL summit 2016
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and Automation
 
Futex ppt
Futex pptFutex ppt
Futex ppt
 
Introduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack NeutronIntroduction to Software Defined Networking and OpenStack Neutron
Introduction to Software Defined Networking and OpenStack Neutron
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and Openstack
 
Quantum - Virtual networks for Openstack
Quantum - Virtual networks for OpenstackQuantum - Virtual networks for Openstack
Quantum - Virtual networks for Openstack
 
Whats new in Havana--Neutron
Whats new in Havana--NeutronWhats new in Havana--Neutron
Whats new in Havana--Neutron
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer Security
 
Ovn vancouver
Ovn vancouverOvn vancouver
Ovn vancouver
 
OVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitchOVN: Scaleable Virtual Networking for Open vSwitch
OVN: Scaleable Virtual Networking for Open vSwitch
 
Central Iowa Linux Users Group May 2020 Meeting: WireGuard
Central Iowa Linux Users Group May 2020 Meeting: WireGuardCentral Iowa Linux Users Group May 2020 Meeting: WireGuard
Central Iowa Linux Users Group May 2020 Meeting: WireGuard
 
Practical CNI
Practical CNIPractical CNI
Practical CNI
 
2015 COSCUP SDN Workshop -- SDN Quick Start
2015 COSCUP SDN Workshop -- SDN Quick Start2015 COSCUP SDN Workshop -- SDN Quick Start
2015 COSCUP SDN Workshop -- SDN Quick Start
 
Open stack neutron and opendaylight
Open stack neutron and opendaylightOpen stack neutron and opendaylight
Open stack neutron and opendaylight
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep dive
 
Openstack Trunk Port
Openstack Trunk PortOpenstack Trunk Port
Openstack Trunk Port
 

Semelhante a SSL on Motes (The World's Smallest Secure Web Server)

Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Rambus
 
IP Signal Distribution
IP Signal DistributionIP Signal Distribution
IP Signal DistributionrAVe [PUBS]
 
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...Brandon DeVault
 
Industrial Control Systems Security - A Perspective on Product Design (Sequi,...
Industrial Control Systems Security - A Perspective on Product Design (Sequi,...Industrial Control Systems Security - A Perspective on Product Design (Sequi,...
Industrial Control Systems Security - A Perspective on Product Design (Sequi,...sequi_inc
 
Securing tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchangeSecuring tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchangeIAEME Publication
 
Securing tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchangeSecuring tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchangeIAEME Publication
 
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...Aaron Zauner
 
The Security layer
The Security layerThe Security layer
The Security layerSwetha S
 
BSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALBSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALGlenn Haley
 
Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...CAS
 
Introduction to Networking and OSI Model
Introduction to Networking and OSI ModelIntroduction to Networking and OSI Model
Introduction to Networking and OSI ModelKawtharAlsharah
 
IP security and VPN presentation
IP security and VPN presentation IP security and VPN presentation
IP security and VPN presentation KishoreTs3
 
Wire-speed Cryptographic Acceleration for SOA and Java EE Security
Wire-speed Cryptographic Acceleration for SOA and Java EE SecurityWire-speed Cryptographic Acceleration for SOA and Java EE Security
Wire-speed Cryptographic Acceleration for SOA and Java EE SecurityRamesh Nagappan
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL
 
An Introduction and Comparison of Dante, AVB and CobraNet Methodologies
An Introduction and Comparison of Dante, AVB and CobraNet MethodologiesAn Introduction and Comparison of Dante, AVB and CobraNet Methodologies
An Introduction and Comparison of Dante, AVB and CobraNet MethodologiesrAVe [PUBS]
 
Protocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDNProtocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDNGerardo Pardo-Castellote
 
Spring sim 2010-riley
Spring sim 2010-rileySpring sim 2010-riley
Spring sim 2010-rileySopna Sumāto
 
intel Sync. & Edge Solution udpate xEng-v1.0.pptx
intel Sync. & Edge Solution udpate xEng-v1.0.pptxintel Sync. & Edge Solution udpate xEng-v1.0.pptx
intel Sync. & Edge Solution udpate xEng-v1.0.pptxAlex Wooram Kim
 

Semelhante a SSL on Motes (The World's Smallest Secure Web Server) (20)

Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
 
IP Signal Distribution
IP Signal DistributionIP Signal Distribution
IP Signal Distribution
 
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
 
Industrial Control Systems Security - A Perspective on Product Design (Sequi,...
Industrial Control Systems Security - A Perspective on Product Design (Sequi,...Industrial Control Systems Security - A Perspective on Product Design (Sequi,...
Industrial Control Systems Security - A Perspective on Product Design (Sequi,...
 
Securing tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchangeSecuring tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchange
 
Securing tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchangeSecuring tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchange
 
Tdp.a029a10
Tdp.a029a10Tdp.a029a10
Tdp.a029a10
 
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
 
The Security layer
The Security layerThe Security layer
The Security layer
 
BSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALBSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINAL
 
Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...
 
Introduction to Networking and OSI Model
Introduction to Networking and OSI ModelIntroduction to Networking and OSI Model
Introduction to Networking and OSI Model
 
IP security and VPN presentation
IP security and VPN presentation IP security and VPN presentation
IP security and VPN presentation
 
Stun turn poc_pilot
Stun turn poc_pilotStun turn poc_pilot
Stun turn poc_pilot
 
Wire-speed Cryptographic Acceleration for SOA and Java EE Security
Wire-speed Cryptographic Acceleration for SOA and Java EE SecurityWire-speed Cryptographic Acceleration for SOA and Java EE Security
Wire-speed Cryptographic Acceleration for SOA and Java EE Security
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3
 
An Introduction and Comparison of Dante, AVB and CobraNet Methodologies
An Introduction and Comparison of Dante, AVB and CobraNet MethodologiesAn Introduction and Comparison of Dante, AVB and CobraNet Methodologies
An Introduction and Comparison of Dante, AVB and CobraNet Methodologies
 
Protocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDNProtocol and Integration Challenges for SDN
Protocol and Integration Challenges for SDN
 
Spring sim 2010-riley
Spring sim 2010-rileySpring sim 2010-riley
Spring sim 2010-riley
 
intel Sync. & Edge Solution udpate xEng-v1.0.pptx
intel Sync. & Edge Solution udpate xEng-v1.0.pptxintel Sync. & Edge Solution udpate xEng-v1.0.pptx
intel Sync. & Edge Solution udpate xEng-v1.0.pptx
 

Mais de benaam

Speeding up secure web transactions using Elliptic Curve Cryptography
Speeding up secure web transactions using Elliptic Curve CryptographySpeeding up secure web transactions using Elliptic Curve Cryptography
Speeding up secure web transactions using Elliptic Curve Cryptographybenaam
 
Real-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping ContainersReal-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping Containersbenaam
 
A Network Architecture for the Web of Things
A Network Architecture for the Web of ThingsA Network Architecture for the Web of Things
A Network Architecture for the Web of Thingsbenaam
 
SNViz: Analysis-oriented Visualization for the Internet of Things
SNViz: Analysis-oriented Visualization for the Internet of ThingsSNViz: Analysis-oriented Visualization for the Internet of Things
SNViz: Analysis-oriented Visualization for the Internet of Thingsbenaam
 
Building the Web of Things with Sun SPOTs
Building the Web of Things with Sun SPOTsBuilding the Web of Things with Sun SPOTs
Building the Web of Things with Sun SPOTsbenaam
 
Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...
Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...
Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...benaam
 

Mais de benaam (6)

Speeding up secure web transactions using Elliptic Curve Cryptography
Speeding up secure web transactions using Elliptic Curve CryptographySpeeding up secure web transactions using Elliptic Curve Cryptography
Speeding up secure web transactions using Elliptic Curve Cryptography
 
Real-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping ContainersReal-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping Containers
 
A Network Architecture for the Web of Things
A Network Architecture for the Web of ThingsA Network Architecture for the Web of Things
A Network Architecture for the Web of Things
 
SNViz: Analysis-oriented Visualization for the Internet of Things
SNViz: Analysis-oriented Visualization for the Internet of ThingsSNViz: Analysis-oriented Visualization for the Internet of Things
SNViz: Analysis-oriented Visualization for the Internet of Things
 
Building the Web of Things with Sun SPOTs
Building the Web of Things with Sun SPOTsBuilding the Web of Things with Sun SPOTs
Building the Web of Things with Sun SPOTs
 
Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...
Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...
Early Lessons from Building Sensor.Network: An Open Data Exchange for the Web...
 

SSL on Motes (The World's Smallest Secure Web Server)

  • 1. Sizzle: SSL on Motes Vipul Gupta, Sun Labs (Joint work with S. Chang Shantz, H. Eberle, S. Fung*, N. Gura, M. Millard*, A. Patel*, A. Wander*, M. Wurm*, Y. Zhu*) *Student intern CENTS Retreat, Granlibakken Conference Center, Tahoe City, Jan 12-14, 2005
  • 2. Outline • • • • • Sensor network security background Elliptic Curve Cryptography (ECC) overview Sizzle (Slim SSL) – HTTPS server on motes Demo Conclusion 2
  • 3. Sensor Network Security • General perception: public-key cryptography is impractical • Previous symmetric-key based approaches: • Key distribution problem • Link level security (not end-to-end) • Compromising a few nodes jeopardizes security of entire network • Sizzle: Standards-based end-to-end security architecture (ECC + SSL) 3
  • 4. Elliptic Curve Cryptography • Computationally highly efficient public-key cryptosystem, highest security strength per bit • Savings in memory, Sym. 80 112 128 192 256 RSA 1,024 2,048 3,072 7,680 15,360 ECC 160 224 256 384 521 Ratio MIPS yrs 1012 6:1 1024 9:1 1028 12:1 1047 20:1 1066 30:1 bandwidth, power • Advantage improves as security needs increase • Endorsed/standardized by NIST, ANSI, IEEE, IETF • Good match for AES More information: http://research.sun.com/projects/crypto/ 4
  • 5. ECC on Small Devices Berkeley/Crossbow MICA “mote” ECC (8-bit, Atmel ATmega processor, 128KB FLASH, 4KB SRAM, 4KB EEPROM) ECC secp160r1 ECC secp224r1 RSA 1024 (pub**) RSA 1024 (priv) RSA-2048 (pub**) RSA-2048 (priv) Time* (s) 0.81 2.19 0.43 10.99 1.94 83.26 RSA priv 90 80 70 Data bytes 282 422 542 930 1332 1853 Code bytes 3682 4812 1073 6292 2854 7736 * 8MHz Atmel ATmega ** e=65537 More information: Gura et al., CHES 2004 paper Time (sec) Algorithm RSA pub 38x 60 50 40 30 20 13x 10 0 Current Future Security levels 5
  • 6. Sizzle Overview • World's smallest secure web server • Uses ECC key exchange in SSL* • Interoperates with ECC-enabled Mozilla/Firefox/OpenSSL • Lowers barrier for connecting interesting new devices to the Internet, and controlling/ monitoring them securely *Based on IETF internet-draft draft-ietf-tls-ecc-xx.txt 6
  • 7. Sizzle Features • Uses 160-bit ECC (on curve secp160r1) • ECDH-ECDSA-RC4-SHA cipher suite • Minimizes SRAM memory usage and SSL handshake overhead, e.g. • Static info stored in program memory • Small session identifiers, certs • Implements session reuse, persistent HTTP(S) 7
  • 8. Sizzle Architecture and Statistics Gateway Sensors/ Actuators Monitoring station TCP/IP RS232 Sizzle on “mote” End-to-end security with SSL • Memory usage from objdump: ~3KB (RAM), ~60KB (FLASH) on Mica2 mote • Page load time in sec (450-byte HTTPS transfer on Mica2 w/ Tiny OS 1.1.6): Full Handshake RSA ECC 16.8 4.9 Session Persistent Reuse HTTP(S) 2.9 1.1 Plain HTTP 0.9 8
  • 9. Performance Details (RSA) RSA decryption dominates Handshake Data Transfer 9
  • 10. Performance Details (ECC) Reduces cost of public-key operation in full handshake Handshake Data Transfer 10
  • 11. Performance Details (Session Reuse) Eliminates public-key operation, still incurs cost of abbreviated handshake Handshake Data Transfer NOTE: In data transfer phase, bulk encryption/authentication overhead is dwarfed by transmission time. 11
  • 12. Performance Details (Persistent HTTPS) • Amortizes the cost of an SSL handshake (full or abbreviated) across multiple data transfers Gateway Client Mote Time Establish TCP Connect to Mote SSL Handshake HTTP Request and Response n HTTP Request and Response n+1 HTTP Request and Response n+2 12
  • 13. Sizzle Demonstration • ECC-enabled Mozilla communicating with Sizzle • Secure monitoring and control of a “wireless thermostat” • Comparison of ECC v/s RSA-based handshake • Impact of session reuse and persistent HTTP(S) 13
  • 14. Takeaway Elliptic Curve Cryptography (ECC) makes public-key cryptography feasible on mote-like devices and creates the opportunity to reuse standard security protocols on the “embedded” Internet. 14
  • 15. References • V. Gupta et al., “Sizzle: A Standards-based end-to- end Security Architecture for the Embedded Internet”, PerCom 2005, Mar. 2005* • N. Gura et al., “Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs”, CHES 2004, Aug. 2004 • V. Gupta et al., “ECC Cipher Suites for TLS”, IETF internet-draft, Dec. 2004 • V. Gupta et al., "Integrating Elliptic Curve Cryptography into the Web's Security Infrastructure", WWW 2004, May 2004 *Mark Weiser Best Paper Award at PerCom 2005 15