|
This paper focuses on highlighting the vulnerabilities of DTLS handshake process and then optimising the handshake process of the DTLS protocol to prevent the software-based attacks in the smart sensor client and sensors (resource servers). We discussed the scenarios where the handshake process is prone to software attacks and proposed the trusted execution environment-based design of the DTLS handshake to enhance the communication security by eliminating the risk of intermediate keying materials being exposed to a non-secure environment. Our design also considers the resource constrained nature of the sensor nodes and thus split the handshake process such that the memory footprint of the implementation does not overload the TEE. We implemented a DTLS client and a DTLS server on a TEE enabled hardware and compared the performance thereof. Our preliminary experimental results show significant gain for memory footprint, but with a minor penalty in handshake time consumption.
|
