|
|
Sizzle
Sizzle: A Standards-based end-to-end Security Architecture
for the Embedded Internet
Vipul Gupta, Matthew Millard, Stephen Fung, Yu Zhu
Nils Gura, Hans Eberle, Sheueling Chang Shantz
Abstract
This paper introduces Sizzle, the first fully-implemented end-to-end
security architecture for highly constrained embedded devices.
According to popular perception, public-key cryptography is beyond the
capabilities of such devices. We show that elliptic curve
cryptography (ECC) not only makes public-key cryptography feasible on
these devices, it allows one to create a complete secure web server
stack including SSL, HTTP and user application that runs efficiently
within very tight resource constraints. Our small footprint HTTPS
stack needs less than 4KB of RAM and interoperates with an
ECC-enabled version of the Mozilla web browser. We have
implemented Sizzle on the 8-bit Berkeley/Crossbow Mica2 "mote"
platform where it can complete a full SSL handshake in less
than 4 seconds (session reuse takes under 2 seconds) and
transfer 450 bytes of application data over SSL in about 1
second. We present additional optimizations that can further
improve performance. To the best of our knowledge, this is the world's
smallest secure web server (in terms of both physical dimensions and
resources consumed) and significantly lowers the barrier for
connecting a variety of interesting new devices (e.g. home
appliances, personal medical devices) to the Internet without
sacrificing end-to-end security.
[NOTE: Click here to download
a copy of the complete paper.]
|
