Secure Route-Obfuscation Mechanism with Information-Theoretic Security for Internet of Things

摘要

As accessibility of networked devices becomes more and more ubiquitous, groundbreaking applications of the Internet of Things (IoT) find their place in many aspects of our society. The exploitation of these devices is the main reason for the cyberattacks in IoT networks. Security design is still an open problem and a crucial step in making IoT applications successful. In dicey environments, such as e-health, smart grid, and smart cities, real-time commands must reach the end devices in the scale of milliseconds. Traditional public-key cryptosystem, albeit necessary in the context of general Internet security, falls short in establishing new session keys in the scale of milliseconds for critical messages. In this paper, a systematic perspective for securing IoT communication, specifically satisfying the real-time constraint against certain adversaries in realistic settings. First, at the network layer, we propose a secret random route computation scheme using the software-defined network (SDN) based on a capability scheme using the network actions. The computed routes are random in the eyes of the eavesdropper. Second, at the application layer, the source breaks command messages into secret shares and sends them through the network to the destination. Only the legitimate destination device can reconstruct the command. The secret sharing scheme is efficient compared to PKI and comes with information-theoretic security against adversaries. Our proof formalizes the notion of security of the proposed scheme, and our simulations validate our design.