TinyI2C - A Protocol Stack for connecting Hardware Security Modules to IoT Devices

2020 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom) Pub Date : 2020-07-01 DOI:10.1109/CoBCom49975.2020.9174152

Thomas Fischer, Dominic Pirker, Christian H. Lesjak, C. Steger

{"title":"TinyI2C - A Protocol Stack for connecting Hardware Security Modules to IoT Devices","authors":"Thomas Fischer, Dominic Pirker, Christian H. Lesjak, C. Steger","doi":"10.1109/CoBCom49975.2020.9174152","DOIUrl":null,"url":null,"abstract":"To enhance the security of devices in the Internet of Things, devices are augmented with Hardware Security Modules (HSMs). To connect HSMs to their hosting devices, serial interfaces, e.g. I2C, are used. On top of these interfaces, a protocol stack is utilized to establish a reliable communication channel. HSM vendors, such as Microchip, NXP, and Infineon, use protocols that differ in regard of provided features, complexity, and efficiency. These protocols are either complex to implement, or lack certain features. In the first case, this leads to significant system integration effort, in the latter, the HSM’s reliability and interchangeability suffers.In this paper, we perform an evaluation of state-of-the-art solutions, GlobalPlatform APDU Transfer over I2C, Microchip cryptoauthlib, and the Infineon I2C Protocol Stack. Based on this evaluation, we propose TinyI2C, a lightweight communication protocol stack. It is designed to allow simple implementations, while providing equivalent core features as state-of-the-art solutions, including reliability and packet fragmentation. Major design goals were to create a symmetric protocol, where code can be shared between both peers, which is not the case in state-of-the-art solutions. In addition, we add features, such as packet streaming support, to make the protocol suitable for Remote-Procedure-Call (RPC) based frameworks. Finally, we show a proof-of-concept and evaluate the achieved performance.","PeriodicalId":442802,"journal":{"name":"2020 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CoBCom49975.2020.9174152","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

To enhance the security of devices in the Internet of Things, devices are augmented with Hardware Security Modules (HSMs). To connect HSMs to their hosting devices, serial interfaces, e.g. I2C, are used. On top of these interfaces, a protocol stack is utilized to establish a reliable communication channel. HSM vendors, such as Microchip, NXP, and Infineon, use protocols that differ in regard of provided features, complexity, and efficiency. These protocols are either complex to implement, or lack certain features. In the first case, this leads to significant system integration effort, in the latter, the HSM’s reliability and interchangeability suffers.In this paper, we perform an evaluation of state-of-the-art solutions, GlobalPlatform APDU Transfer over I2C, Microchip cryptoauthlib, and the Infineon I2C Protocol Stack. Based on this evaluation, we propose TinyI2C, a lightweight communication protocol stack. It is designed to allow simple implementations, while providing equivalent core features as state-of-the-art solutions, including reliability and packet fragmentation. Major design goals were to create a symmetric protocol, where code can be shared between both peers, which is not the case in state-of-the-art solutions. In addition, we add features, such as packet streaming support, to make the protocol suitable for Remote-Procedure-Call (RPC) based frameworks. Finally, we show a proof-of-concept and evaluate the achieved performance.

查看原文本刊更多论文

TinyI2C—一种连接硬件安全模块到物联网设备的协议栈

为了增强物联网中设备的安全性，需要对设备进行硬件安全模块(Hardware security Modules, hsm)增强。为了将hsm连接到它们的主机设备，使用串行接口，例如I2C。在这些接口之上，利用协议栈建立可靠的通信通道。HSM供应商，如Microchip、NXP和Infineon，在提供的特性、复杂性和效率方面使用不同的协议。这些协议要么实现起来很复杂，要么缺乏某些特性。在第一种情况下，这会导致大量的系统集成工作，在后一种情况下，HSM的可靠性和互换性受到影响。在本文中，我们对最先进的解决方案，GlobalPlatform APDU Transfer over I2C, Microchip cryptoauthlib和英飞凌I2C协议栈进行了评估。在此基础上，我们提出了轻量级通信协议栈TinyI2C。它的设计允许简单的实现，同时提供与最先进的解决方案相当的核心功能，包括可靠性和数据包碎片。主要的设计目标是创建一个对称协议，其中代码可以在对等体之间共享，这在最先进的解决方案中不是这样的。此外，我们还添加了一些特性，例如数据包流支持，以使该协议适合基于远程过程调用(RPC)的框架。最后，我们展示了一个概念验证并评估了实现的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom)

自引率

0.00%

发文量