According to popular perception, public-key cryptography is beyond the capabilities of highly constrained, "mote"-like, embedded devices. We show that elliptic curve cryptography not only makes public-key cryptography feasible on these devices, it allows one to create a complete secure web server stack that runs efficiently within very tight resource constraints. Our small-footprint HTTPS stack, nicknamed Sizzle, has been implemented on multiple generations of the Berkeley/Crossbow motes where it runs in less than 4 KB of RAM, completes a full SSL handshake in 1 second (session reuse takes 0.5 seconds) and transfers 1 KB of application data over SSL in 0.4 seconds. Sizzle is the world's smallest secure web server and can be embedded inside home appliances, personal medical devices, etc., allowing them to be monitored and controlled remotely via a web browser without sacrificing end-to-end security.
This report is an extended version of a paper that received the "Mark Weiser Best Paper Award" at the Third IEEE International Conference on Pervasive Computing and Communications (PerCom), Hawaii, March 2005.