μDTNSec: A Security Layer for Disruption-Tolerant Networks on Microcontrollers

Title: μDTNSec: A Security Layer for Disruption-Tolerant Networks on Microcontrollers
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Schürmann, D., Zengen, G. V., Priedigkeit, M., Wolf, L.
Conference Name: 2017 16th Annual Mediterranean Ad Hoc Networking Workshop (Med-Hoc-Net)
Date Published: June
ISBN Number: 978-1-5386-2077-9
Keywords: advanced encryption standard, Asymmetric Encryption, asymmetric signatures, bundle protocol specification, compositionality, Contiki OS, cryptographic protocols, delay tolerant networks, delay-disruption-tolerant networks, digital signatures, disruption-tolerant networks, Elliptic curve cryptography, Encryption, energy measurement, energy measurements, energy-constrained devices, hardware-backed symmetric encryption, Human Behavior, man-in-the-middle attacks, Metrics, microcontrollers, payload size, Payloads, performance evaluation, Protocols, pubcrawl, public key cryptography, resilience, Resiliency, Routing, secp128r1, secp192r1, secp256r1, security layer, store-carry-forward principle, μDTNSec

We introduce μDTNSec, the first fully-implemented security layer for Delay/Disruption-Tolerant Networks (DTN) on microcontrollers. It provides protection against eavesdropping and Man-in-the-Middle attacks that are especially easy in these networks. Following the Store-Carry-Forward principle of DTNs, an attacker can simply place itself on the route between source and destination. Our design consists of asymmetric encryption and signatures with Elliptic Curve Cryptography and hardware-backed symmetric encryption with the Advanced Encryption Standard. μDTNSec has been fully implemented as an extension to μDTN on Contiki OS and is based on the Bundle Protocol specification. Our performance evaluation shows that the choice of the curve (secp128r1, secp192r1, secp256r1) dominates the influence of the payload size. We also provide energy measurements for all operations to show the feasibility of our security layer on energy-constrained devices.

Citation Key: schurmann_x003bc;dtnsec:_2017