Asymmetric cryptography or public-key cryptography is based on key pairs. It consists of a public key for encryption, known to everyone, and a private key for decryption, known only to the owner. Public-key algorithms can be used for encryption and authentication. Common algorithms are ECC (elliptic curve cryptography) and RSA (Rivest, Shamir, and Adleman cryptosystem).
Published in Chapter:
Securing Over-the-Air Code Updates in Wireless Sensor Networks
Christian Wittke (Leibniz-Institut für innovative Mikroelektronik, Germany), Kai Lehniger (Leibniz-Institut für innovative Mikroelektronik, Germany), Stefan Weidling (Leibniz-Institut für innovative Mikroelektronik, Germany), and Mario Schoelzel (Leibniz-Institut für innovative Mikroelektronik, Germany)
Copyright: © 2019
|Pages: 27
DOI: 10.4018/978-1-5225-7332-6.ch013
Abstract
With the growing number of wireless devices in the internet of things (IoT), maintenance and management of these devices has become a key issue. In particular, the ability to wirelessly update devices is a must in order to fix security issues and software bugs, or to extend firmware functionality. Code update mechanisms in wireless sensor networks (WSNs), a subset of IoT networks, must handle limited resources and strict constraints. Also, over-the-air (OTA) code updates in the context of an IoT ecosystem may open new security vulnerabilities. An IoT security framework should therefore be extended with additional mechanisms to secure the OTA code update functionality. The chapter presents an overview of various OTA code update techniques for WSNs and their security flaws along with some existing attacks and possible countermeasures. It is discussed which attacks can be used more easily with the code update functionality. Countermeasures are compared as to whether they secure the weakened security objectives, giving a guideline to choose the right combination of countermeasures.