Securing Internet of Things with Lightweight IPsec

Raza, Shahid and Chung, Tony and Duquennoy, Simon and Yazar, Dogan and Voigt, Thiemo and Roedig, Utz (2010) Securing Internet of Things with Lightweight IPsec. [SICS Report]



Real-world deployments of wireless sensor networks (WSNs) require secure communication. It is important that a receiver is able to verify that sensor data was generated by trusted nodes. In some cases it may also be necessary to encrypt sensor data in transit. Recently, WSNs and traditional IP networks are more tightly integrated using IPv6 and 6LoWPAN. Available IPv6 protocol stacks can use IPsec to secure data exchange. Thus, it is desirable to extend 6LoWPAN such that IPsec communication with IPv6 nodes is possible. It is beneficial to use IPsec because the existing end-points on the Internet do not need to be modified to communicate securely with the WSN. Moreover, using IPsec, true end-to-end security is implemented and the need for a trustworthy gateway is removed. In this paper we provide End-to-End (E2E) secure communication between an IP enabled sensor nodes and a device on traditional Internet. This is the first compressed lightweight design, implementation, and evaluation of 6LoWPAN extension for IPsec on Contiki. Our extension supports both IPsec's Authentication Header (AH) and Encapsulation Security Payload (ESP). Thus, communication endpoints are able to authenticate, encrypt and check the integrity of messages using standardized and established IPv6 mechanisms.

Item Type:SICS Report
Uncontrolled Keywords:IPsec, 6LoWPAN, Contiki, IPv6, IoT
ID Code:4052
Deposited By:Vicki Carleson
Deposited On:16 Dec 2010 14:01
Last Modified:14 Jul 2016 14:43

Repository Staff Only: item control page