slict: secure localized information centric...
TRANSCRIPT
![Page 1: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/1.jpg)
Marcel Enguehard, Ralph Droms, Dario Rossi26 September 2016Workshop on Information Centric Networking for 5G, Kyoto, 2016
SLICT: Secure Localized Information Centric Things
![Page 2: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/2.jpg)
Can we securely deploy geographic forwarding on Information Centric Things?
![Page 3: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/3.jpg)
Information Centric Things
Constrained nodes Broadcast link Ad-hoc multihop
network
![Page 4: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/4.jpg)
ICN for IoT?
Old idea, new method (Intanagonwiwat et al., MOBICOM’00)
Simplicity is better for constrained devices (Bacelli et al., ICN’14)
Security model
![Page 5: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/5.jpg)
Vanilla ICN forwarding for ICT is hard
“I want the temperature in the room 301 of building A”
Interest/bA/f3/r301/temp
How do I find this name ?
![Page 6: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/6.jpg)
Forwarding for ICN-IoT nodes: challenges
Dynamic topology
Control traffic
Routing state
![Page 7: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/7.jpg)
Geographic forwarding for ICT is easier
“I want the temperature in the room 301 of building A”
Interest/bA/f3/r301/temp
location
Interest/coord/temp
How do I find this position?
![Page 8: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/8.jpg)
Geographic forwarding
Local control traffic
State = list of neighbours
Efficient delivery (no learning process)
![Page 9: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/9.jpg)
Greedy forwarding Perimeter forwarding
GPSR – Greedy and perimeter mode
D
S
2
1
3 S
D
Karp et al., Mobicom’ 00
![Page 10: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/10.jpg)
The SLICT framework
Secure Localized Information Centric Things
Association protocol
Secure beaconing
Geographic forwarding
ICN stack over RIOT
![Page 11: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/11.jpg)
• Establish trust between physical neighbors
• OnboardICNg (A. Compagno et al., Wednesday afternoon)
• Comparison with ECC-based (M. Enguehard et al., Poster session)
Association protocol
![Page 12: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/12.jpg)
Neighbourhood + location updatesEncryption through AES broadcast keys
Secure Beaconing n1 n2 n3
Association
AssociationCreates persistent/ndb/n2 pit entry
Creates persistent/ndb/n2 pit entry
Content messageName: /ndb/n2
Payload: coordinates, seq num
Updatesn2 position in DB
Updatesn2 position in DB
![Page 13: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/13.jpg)
• Data name: /g/locinf/rest/of/name• FIB entry for /g/:
• Face: virtual face (all neighbours)• Strategy: GPSR
• TLV for additional information
Geographic forwarding for ICThings
![Page 14: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/14.jpg)
ICN stack over RIOT
Forwarder module
Extract name
FIB module
Get faces & strategy
Strategy module
Apply strategy
Forward on selected faces
Returns virtual face + wrapper to GPSR Computes
next node in GPSR
![Page 15: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/15.jpg)
OpenMote• ARM Cortex-M3 @ 32MHz• AES+ECC hardware support• 32KB RAM• 512KB ROM• Open source design
Our IoT hardware
![Page 16: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/16.jpg)
Evaluation criteria
CPU Memory Energy
![Page 17: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/17.jpg)
Cycle counter in M3
E=ncyc*P/f
#include <cc2538.h>#include <stdint.h>
int main () {
uint32_t nb_cycles;
//Enables debugCoreDebug->DEMCR |= _VAL2FLD(CoreDebug_DEMCR_TRCENA,1);//Enables cycles counterDWT->CTRL |= _VAL2FLD(DWT_CTRL_CYCCNTENA,1);
populate_tables ();
//Reinitialises cycle counterDWT->CYCCNT = 0;perform_test ();nb_cycles = DWT->CYCCNT;
...}
Evaluation setup
![Page 18: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/18.jpg)
5 10 15
10
20
30
40
50
Num
bero
fFIB
entri
es
0.5x
1.0x
2.0x 4.
0x
CPU
5 10 15Number of neighbours
0.5x
1.0x
2.0x
4.0x
Memory
0 5 10 15 20
Combined
Relative memory & CPU consumption
Geographic forwarding has a smaller memory footprint
Geographic forwarding has a smaller memory and CPU footprint
![Page 19: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/19.jpg)
Forwarding vs cryptography/communication
Communication & cryptography costs estimated thanks to:Shafagh et al. Talos: Encrypted Query Processing for the Internet of Things, SenSys’ 15
Geo TLV
Large number of neighbors
![Page 20: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/20.jpg)
• Flexibility of ICN + efficiency of geographic forwarding
• Outperforms FIB forwarding in CPU & memory
• Cost of control traffic?Questions: [email protected]
Conclusion
![Page 21: SLICT: Secure Localized Information Centric Thingsconferences2.sigcomm.org/acm-icn/2016/slides/Workshop/... · 2016-09-27 · 26 September 2016 Workshop on Information Centric Networking](https://reader034.vdocuments.us/reader034/viewer/2022050403/5f807ed8820a2633b6255399/html5/thumbnails/21.jpg)