Projekte pro Jahr
Abstract
Implicit certificates are gaining ever more prominence in constrained embedded devices, in both the internet of things (IoT) and automotive domains. They present a resource-efficient security solution against common threat concerns. The computational requirements are not the main issue anymore, with the focus now shifting to determining a good balance between the provided security level and the derived threat model. A security aspect that often gets overlooked is the establishment of secure communication sessions, as most design solutions are based only on the use of static key derivation, and therefore lack the perfect forward secrecy. This leaves the transmitted data open for potential future exposures as keys are tied to the certificates rather than the communication sessions. We aim to close this gap and present a design that utilizes the Station to Station (STS) protocol with implicit certificates. In addition, we propose potential protocol optimization implementation steps and run a comprehensive study on the performance and security level between the proposed design and the state-of-the-art key derivation protocols. In our comparative study, we show that we are able to mitigate many session-related security vulnerabilities that would otherwise remain open with only a slight computational increase of 20% compared to a static elliptic curve digital signature algorithm (ECDSA) key derivation.
Originalsprache | englisch |
---|---|
Titel | 2023 Design, Automation and Test in Europe Conference and Exhibition, DATE 2023 - Proceedings |
Seitenumfang | 6 |
ISBN (elektronisch) | 9783981926378 |
DOIs | |
Publikationsstatus | Veröffentlicht - 2023 |
Veranstaltung | Design, Automation & Test in Europe Conference & Exhibition: DATE 2023 - Antwerp, Belgien Dauer: 17 Apr. 2023 → 19 Apr. 2023 |
Konferenz
Konferenz | Design, Automation & Test in Europe Conference & Exhibition |
---|---|
Kurztitel | DATE '23 |
Land/Gebiet | Belgien |
Ort | Antwerp |
Zeitraum | 17/04/23 → 19/04/23 |
ASJC Scopus subject areas
- Informatik (sonstige)
- Ingenieurwesen (insg.)
- Computernetzwerke und -kommunikation
Fields of Expertise
- Information, Communication & Computing
Fingerprint
Untersuchen Sie die Forschungsthemen von „Establishing Dynamic Secure Sessions for ECQV Implicit Certificates in Embedded Systems“. Zusammen bilden sie einen einzigartigen Fingerprint.-
Hardware/Software-Codesign
Steger, C., Seifert, C., Stelzer, P., Fiala, G. & Basic, F.
1/01/95 → …
Projekt: Arbeitsgebiet
-
SEAMAL BMS - Erstellung der Anforderung und die Definition der Systemarchitektur
1/04/20 → 20/09/22
Projekt: Forschungsprojekt
Aktivitäten
-
Establishing Dynamic Secure Sessions for ECQV Implicit Certificates in Embedded Systems
Fikret Basic (Redner/in)
18 Apr. 2023Aktivität: Vortrag oder Präsentation › Vortrag bei Konferenz oder Fachtagung › Science to science
-
Design, Automation & Test in Europe Conference & Exhibition
Fikret Basic (Teilnehmer/-in)
17 Apr. 2023 → 19 Apr. 2023Aktivität: Teilnahme an / Organisation von › Konferenz oder Fachtagung (Teilnahme an/Organisation von)