Evaluation of Out-of-Band Channels for IoT Security

Sampsa Latvala, Mohit Sethi, Tuomas Aura

Research output: Contribution to journalArticleScientificpeer-review

16 Downloads (Pure)

Abstract

Secure bootstrapping is the process by which a device gets the necessary configuration information and security credentials to become operational. In many pervasive computing and Internet-of-Things scenarios, it is often not possible to rely on the existence of a trusted third party or other network infrastructure for bootstrapping. Therefore, several device bootstrapping protocols rely on an out-of-band (OOB) channel for initial device authentication and configuration. We begin this paper by understanding the need for OOB channels and performing a literature survey of existing standards and devices that rely on OOB channels. We then look at one candidate bootstrapping protocol: Nimble out-of-band authentication for EAP (EAP-NOOB). We provide a brief overview of the EAP-NOOB protocol and describe its unique OOB channel requirements. Thereafter, we implement three OOB channels for EAP-NOOB using near-field communication, quick response codes, and sound. Using our implementation, we evaluate the usability, security, benefits, and limitations of each of the OOB channels.
Original languageEnglish
Article number18
JournalSN Computer Science
Volume1
DOIs
Publication statusPublished - Jan 2020
MoE publication typeA1 Journal article-refereed

Fingerprint Dive into the research topics of 'Evaluation of Out-of-Band Channels for IoT Security'. Together they form a unique fingerprint.

  • Projects

    Secure Connectivity of Future Cyber-Physical Systems

    Bui, T., Peltonen, A., Sethi, M., Aura, T. & Antikainen, M.

    01/09/201630/08/2020

    Project: Academy of Finland: Other research funding

    Cite this