Secure device bootstrapping with the nimble out of band authentication Protocol
| dc.contributor | Aalto-yliopisto | fi |
| dc.contributor | Aalto University | en |
| dc.contributor.advisor | Sethi, Mohit | |
| dc.contributor.author | Mudugodu Seetarama, Raghavendra | |
| dc.contributor.school | Sähkötekniikan korkeakoulu | fi |
| dc.contributor.supervisor | Aura, Tuomas | |
| dc.date.accessioned | 2017-06-13T07:26:11Z | |
| dc.date.available | 2017-06-13T07:26:11Z | |
| dc.date.issued | 2017-05-22 | |
| dc.description.abstract | The smart personal and business appliances which form the Internet of Things are expected to become ubiquitous and to make our daily life more convenient. Most of these devices are connected though wireless networks to cloud-based online services. However, such devices may be vulnerable to various attacks which could compromise the users’ security and privacy and even cause physical harm. Therefore, securing the network connection for the devices is of utmost importance. In order to secure the network connections, the devices need to be configured with the necessary keys and other connection parameters. There is not yet any widely adopted generic solution for this secure bootstrapping. One proposed solution is out-of-band (OOB) authentication with a protocol called EAP-NOOB, which is a new method for the EAP and IEEE 802.1X authentication framework. The goal of this thesis is to build a prototype of the EAP-NOOB protocol and deploy the prototype to test it with the real-world scenarios. The protocol requires no a-priori information either about the device or the user is necessary for the bootstrapping. Instead, the user’s ownership of the device is established during the bootstrapping process. The protocol was implemented both by adding support for the new EAP method into existing open-source software, the commonly used WPA_Supplicant and Hostapd packages. We also implemented a web interface for the back-end authentication server, which works in tandem with the AAA server, and out-of-band channels based on dynamic QR codes and NFC tags. We used the prototype to test and demonstrate the EAP-NOOB protocol, including its usability and authentication latency. The bootstrapping procedure can be completed in less than a minute in most cases. The main results of the project are the EAP-NOOB implementation and various improvements and clarifications to the protocol specification. These results are an essential part of the protocol standardization process at IETF. | en |
| dc.ethesisid | Aalto 9604 | |
| dc.format.extent | 63+8 | |
| dc.format.mimetype | application/pdf | en |
| dc.identifier.uri | https://aaltodoc.aalto.fi/handle/123456789/26703 | |
| dc.identifier.urn | URN:NBN:fi:aalto-201706135412 | |
| dc.language.iso | en | en |
| dc.location | P1 | fi |
| dc.programme | CCIS - Master's Programme in Computer, Communication and Information Sciences (TS2013) | fi |
| dc.programme.major | Computer Networks (Network Security) | fi |
| dc.programme.mcode | ELEC3029 | fi |
| dc.subject.keyword | IoT | en |
| dc.subject.keyword | secured bootstrapping | en |
| dc.subject.keyword | out-of-band authentication | en |
| dc.subject.keyword | EAP | en |
| dc.subject.keyword | EAP-NOOB | en |
| dc.title | Secure device bootstrapping with the nimble out of band authentication Protocol | en |
| dc.type | G2 Pro gradu, diplomityö | fi |
| dc.type.ontasot | Master's thesis | en |
| dc.type.ontasot | Diplomityö | fi |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- master_Mudugodu_Seetarama_Raghavendra_2017.pdf
- Size:
- 1.55 MB
- Format:
- Adobe Portable Document Format