Title: Optimising the DTLS handshake design for TEE enabled sensor nodes

Authors: Anil Yadav; Nitin Rakesh; Sujata Pandey; Rajat Kumar Singh

Addresses: Amity University Uttar Pradesh, Noida, 201304, India ' Amity University Uttar Pradesh, Noida, 201308, India ' Amity University Uttar Pradesh, Noida, 201304, India ' ECE Department, SPGC, IIIT-Allahabad 211015, Uttar Pradesh, India

Abstract: This paper focuses on highlighting the vulnerabilities of DTLS handshake process and then optimising the handshake process of the DTLS protocol to prevent the software-based attacks in the smart sensor client and sensors (resource servers). We discussed the scenarios where the handshake process is prone to software attacks and proposed the trusted execution environment-based design of the DTLS handshake to enhance the communication security by eliminating the risk of intermediate keying materials being exposed to a non-secure environment. Our design also considers the resource constrained nature of the sensor nodes and thus split the handshake process such that the memory footprint of the implementation does not overload the TEE. We implemented a DTLS client and a DTLS server on a TEE enabled hardware and compared the performance thereof. Our preliminary experimental results show significant gain for memory footprint, but with a minor penalty in handshake time consumption.

Keywords: handshake; pre-shared key; PSK; trust zone; trusted execution environment; TEE; rich execution environment; REE; datagram transport layer security; DTLS; smart sensors.

DOI: 10.1504/IJSN.2019.101416

International Journal of Security and Networks, 2019 Vol.14 No.3, pp.167 - 179

Available online: 31 Jul 2019 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article