S3K: Scalable Security With Symmetric Keys—DTLS Key Establishment for the Internet of Things

Abstract—Abstract DTLS is becoming the de facto standard for communication security in the Internet of Things (IoT). In order to run the DTLS protocol, one needs to establish keys between the communicating devices. The default method of key establishment requires X.509 certificates and a Public Key Infrastructure, an approach which is often too resource consuming for small IoT devices. DTLS also supports the use of preshared keys and raw public keys. These modes are more lightweight, but they are not scalable to a large number of devices. We present Scalable Security with Symmetric Keys (S3K), a key management architecture for the resource constrained IoTs. S3K provides a flexible and scalable way of establishing keys between resource constrained IoT devices. S3K enables devices that have no previous, direct security relation to use DTLS with either preshared symmetric keys or raw public keys established and authorized during the DTLS handshake. We implement S3K in the Contiki OS and evaluate it on real IoT hardware. Our evaluation shows that S3K is feasible in constrained environment and at the same time scalable to a large number of devices.< final year projects >