Secure Device Bootstrapping with the Nimble Out of Band Authentication Protocol

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Sethi, Mohit Mudugodu Seetarama, Raghavendra 2017-06-13T07:26:11Z 2017-06-13T07:26:11Z 2017-05-22
dc.description.abstract The smart personal and business appliances which form the Internet of Things are expected to become ubiquitous and to make our daily life more convenient. Most of these devices are connected through wireless networks to cloud-based online services. However, such devices may be vulnerable to various attacks which could compromise the users’ security and privacy and even cause physical harm. Therefore, securing the network connection for the devices is of utmost importance. In order to secure the network connections, the devices need to be configured with the necessary keys and other connection parameters. There is not yet any widely adopted generic solution for this secure bootstrapping. One proposed solution is out-of-band (OOB) authentication with a protocol called EAP-NOOB, which is a new method for the EAP and IEEE 802.1X authentication framework. The goal of this thesis is to build a prototype of the EAP-NOOB protocol and deploy the prototype to test it in real-world scenarios. The protocol requires no a priori information about either the device or the user for the bootstrapping. Instead, the user’s ownership of the device is established during the bootstrapping process. The protocol was implemented by adding support for the new EAP method to existing open-source software, the commonly used WPA_Supplicant and Hostapd packages. We also implemented a web interface for the back-end authentication server, which works in tandem with the AAA server, and out-of-band channels based on dynamic QR codes and NFC tags. We used the prototype to test and demonstrate the EAP-NOOB protocol, including its usability and authentication latency. The bootstrapping procedure can be completed in less than a minute in most cases. The main results of the project are the EAP-NOOB implementation and various improvements and clarifications to the protocol specification. These results are an essential part of the protocol standardization process at IETF. en
dc.format.extent 63+8
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.title Secure Device Bootstrapping with the Nimble Out of Band Authentication Protocol en
dc.type G2 Pro gradu, diplomityö fi Sähkötekniikan korkeakoulu fi
dc.subject.keyword IoT en
dc.subject.keyword secured bootstrapping en
dc.subject.keyword out-of-band authentication en
dc.subject.keyword EAP en
dc.subject.keyword EAP-NOOB en
dc.identifier.urn URN:NBN:fi:aalto-201706135412
dc.programme.major Computer Networks (Network Security) fi
dc.programme.mcode ELEC3029 fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Diplomityö fi
dc.contributor.supervisor Aura, Tuomas
dc.programme CCIS - Master’s Programme in Computer, Communication and Information Sciences (TS2013) fi
dc.ethesisid Aalto 9604
dc.location P1 fi
