Secure and Effective Implementation of an IOTA Light Node using STM32

Diego Stucchi, Ruggero Susella, P. Fragneto, B. Rossi
Proceedings of the 2nd Workshop on Blockchain-enabled Networked Sensor, published 2019-11-10. DOI: 10.1145/3362744.3363344 (https://doi.org/10.1145/3362744.3363344)
Citations: 4

Abstract

A major challenge in networked sensor systems and other IoT environments is addressing security. Vulnerabilities in those systems arise from poor physical security, unauthenticated devices, insecure firmware updates, insecure communication, and data corruption. In recent times Distributed Ledger Technologies (DLTs), of which Blockchain is an instance, have been identified as a possible solution to some of these issues. The blockchain model genetically ensures decentralized security and privacy, and therefore could provide IoT systems with a trusted infrastructure for securely logging data or exchanging tokens without the necessity, and costs, of central servers. Blockchain is no panacea, either. IoT devices that get connected to a blockchain network must still be secured; in particular, they must protect the confidentiality of the keys. This requires the embedded microcontroller to execute only authenticated firmware, with protections against software attacks, such as buffer overflows, and resistance against side-channel attacks. In addition, as confirmed by the scarcity of implementations reported in the literature, it is still not clear whether blockchain protocols can be implemented efficiently on resource-constrained IoT devices. In this work, also supported by a Demo, we show an example of a secure IoT device that enables the functionalities of IOTA, a DLT specifically designed for use in the IoT. In particular, we present a Light Node based on STM32 that implements all the cryptographic functions, IOTA-specific operations and communication functions required to successfully publish transactions in the IOTA distributed ledger. Our implementations on microcontrollers (ARM Cortex-M) perform up to 22 times faster in terms of cycles and up to 4 times faster in absolute time with respect to the state-of-the-art implementation on a Raspberry Pi 3B. Our Light Node also ensures protection of the stored private data and guarantees secure firmware update thanks to a suitable configuration of some security features provided by STM32 microcontrollers.