12 Securing IoT communications

 

This chapter covers

  • Securing IoT communications with Datagram TLS
  • Choosing appropriate cryptographic algorithms for constrained devices
  • Implementing end-to-end security for IoT APIs
  • Distributing and managing device keys

12.1 Transport layer security

12.1.1 Datagram TLS

12.1.2 Cipher suites for constrained devices

12.2 Pre-shared keys

12.2.1 Implementing a PSK server

12.2.2 The PSK client

12.2.3 Supporting raw PSK cipher suites

12.2.4 PSK with forward secrecy

12.3 End-to-end security

12.3.1 COSE

12.3.2 Alternatives to COSE

12.3.3 Misuse-resistant authenticated encryption

12.4 Key distribution and management

12.4.1 One-off key provisioning

12.4.2 Key distribution servers

12.4.3 Ratcheting for forward secrecy

12.4.4 Post-compromise security

Answers to pop quiz questions

Summary