SLICT: Secure Localized Information Centric Things Marcel Enguehard, Ralph Droms, Dario Rossi 26 September 2016 Workshop on Information Centric Networking for 5G, Kyoto, 2016
Can we securely deploy geographic forwarding on Information Centric Things?
Information Centric Things Constrained Ad-hoc multihop Broadcast link nodes network
ICN for IoT? Old idea, new method (Intanagonwiwat et al., MOBICOM’00) Simplicity is better for constrained devices (Bacelli et al., ICN’14) Security model
Vanilla ICN forwarding for ICT is hard How do I find this Interest name ? /bA/f3/r301/temp “I want the temperature in the room 301 of building A”
Forwarding for ICN-IoT nodes: challenges Dynamic topology Control traffic Routing state
Geographic forwarding for ICT is easier How do I find Interest Interest this position? /bA/f3/r301/temp /coord/temp location “I want the temperature in the room 301 of building A”
Geographic forwarding Local control traffic State = list of neighbours Efficient delivery (no learning process)
GPSR – Greedy and perimeter mode Greedy forwarding Perimeter forwarding 1 2 D S D S 3 Karp et al., Mobicom’ 00
The SLICT framework Secure Localized Information Centric Things Association Secure Geographic ICN stack protocol beaconing forwarding over RIOT
Association protocol • Establish trust between physical neighbors • OnboardICNg (A. Compagno et al., Wednesday afternoon) • Comparison with ECC-based (M. Enguehard et al., Poster session)
Secure Beaconing n1 n2 n3 Association Neighbourhood + location Association updates Creates persistent /ndb/n2 pit entry Encryption through AES Creates persistent /ndb/n2 pit entry broadcast keys Content message Name: /ndb/n2 Payload: coordinates, seq num Updates Updates n2 position in DB n2 position in DB
Geographic forwarding for ICThings • Data name: /g/locinf/rest/of/name • FIB entry for /g/ : • Face: virtual face (all neighbours) • Strategy: GPSR • TLV for additional information
ICN stack over RIOT Forwarder module Extract Forward on name selected faces FIB module Strategy module Returns virtual face + wrapper to GPSR Get faces Apply Computes & strategy strategy next node in GPSR
Our IoT hardware OpenMote • ARM Cortex-M3 @ 32MHz • AES+ECC hardware support • 32KB RAM • 512KB ROM • Open source design
Evaluation criteria CPU Memory Energy
Evaluation setup #include <cc2538.h> Cycle counter in #include <stdint.h> M3 int main () { uint32_t nb_cycles; //Enables debug CoreDebug->DEMCR |= _VAL2FLD(CoreDebug_DEMCR_TRCENA,1); //Enables cycles counter DWT->CTRL |= _VAL2FLD(DWT_CTRL_CYCCNTENA,1); E=n cyc *P/f populate_tables (); //Reinitialises cycle counter DWT->CYCCNT = 0; perform_test (); nb_cycles = DWT->CYCCNT; ... }
Relative memory & CPU consumption CPU Memory Combined Geographic forwarding 0.5x has a smaller memory 50 and CPU footprint x 5 . 0 Number of FIB entries 40 Geographic forwarding 1.0x has a smaller memory 30 footprint x 0 x . 4 0 20 1.0x . 2 10 2.0x x 0 4 . 5 10 15 5 10 15 0 5 10 15 20 Number of neighbours
Forwarding vs cryptography/communication Large number of neighbors Geo TLV Communication & cryptography costs estimated thanks to: Shafagh et al. Talos: Encrypted Query Processing for the Internet of Things , SenSys’ 15
Conclusion • Flexibility of ICN + efficiency of geographic forwarding • Outperforms FIB forwarding in CPU & memory • Cost of control traffic? Questions: mengueha@cisco.com
Recommend
More recommend
