Digital Representation for Web of Trust in Internet of Things

Author Poorvi Mandyam Bhoolokam
Date 12. January 2021
Degree Master
Title Digital Representation for Web of Trust in Internet of Things
Abstract With the Internet of Things (IoT) gaining dominance in the field of technology, devices are getting smarter day by day. The use of smart devices poses one major challenge: security. The security of devices and their services is a top priority and has been a key research area in the field of IoT. Security puts forth the concept of trust networks, which form the basis for several smart home security networks. The main task of this research is to model a trust network and to compute the trust value. Much existing research uses a centralized Public Key Infrastructure (PKI) to establish trust between peers. The disadvantage of centralized PKI is that the certificate exchange depends on a Central Authority (CA), which in some cases may prove to be malicious. This research employs the concept of the web of trust, where peers authenticate themselves and no CA is involved; that is, it is a decentralized PKI. The peers are required to authenticate each other by exchanging their certificates and validating them. In the web of trust, peers exchange certificates and validate them through a digital signature. The creation of a digital signature involves cryptographic algorithms. The most widely used algorithms are the Digital Signature Algorithm (DSA), Rivest–Shamir–Adleman (RSA) and the Elliptic Curve Digital Signature Algorithm (ECDSA). Among these, ECDSA proves to be efficient. The major advantages of ECDSA over DSA and RSA are a smaller key size, implying lower memory consumption, and better security. The trust model is first designed as a network model for a smart home scenario. This is further represented as a bi-directional graph with vertices V, edges E and a weight function w: kx, ky, t, A. The proposed approach is to convert the bi-directional graph into an electrical network of resistors to calculate the trust value. The peers exchange their public keys to validate each other using ECDSA, following the concept of the web of trust.
In the process of key exchange and authentication, some unlikely smart home problems might occur, for instance, a new peer enters the network or an existing peer leaves the network. Such scenarios are considered for trust value computation. The trust value is calculated as the conductance G, which is the reciprocal of the total resistance R in a network. The translation of the graph to the electrical network is based on the series and parallel trust properties, which map directly to the series and parallel connection of resistors in the network. It is proven that the trust degree along a series path is lower than that along parallel paths. This can be compared to the conductance in an electrical network of resistors, where the conductance across a series connection of resistors is lower than that across a parallel connection of resistors. The trust value is returned as the conductance from the electrical network. The JavaScript Object Notation (JSON) description of the entire trust model is scripted considering all the key factors. The trust model is evaluated in three parts. Part 1 is the overhead analysis, in which the overhead between peers during the key exchange is computed. Data overhead, message overhead and database overhead are computed with reference to ECDSA. The overhead is also computed based on the smart home problems. Part 2 is the attack tree analysis, where all the possible attacks that could compromise the system are described as attack scenarios. The attack tree is then analyzed based on the attacks that are prevented by the proposed approach. Part 3 is the validation of the proposed electrical network. The conductance value is calculated for two different examples, considering the smart home problems that could occur within a communication network. The trust value calculated as the conductance value is verified and evaluated.
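The conductance calculation described above can be sketched as follows. This is an added example, not code from the thesis: it assumes each edge's conductance encodes the direct trust between two peers, treats the network as undirected resistors, and uses constructed peer names. It goes beyond series/parallel reduction by solving the general network through its graph Laplacian, so bridged topologies and peers joining or leaving are handled as well.

```python
from fractions import Fraction

def effective_conductance(edges, src, dst):
    """Trust between src and dst as conductance G = 1/R of the resistor network.

    edges: (peer_a, peer_b, g) tuples; g is the edge conductance (assumed to
    encode direct trust). Returns Fraction(0) when no path connects the peers.
    """
    if src == dst:
        raise ValueError("src and dst must be different peers")
    adj = {}
    for a, b, g in edges:
        g = Fraction(g)
        if g > 0 and a != b:
            # Two edges between the same pair are parallel: conductances add.
            adj.setdefault(a, {})[b] = adj.get(a, {}).get(b, 0) + g
            adj.setdefault(b, {})[a] = adj.get(b, {}).get(a, 0) + g
    # Peers reachable from src; an unreachable dst means there is no trust path.
    seen, stack = {src}, [src]
    while stack:
        for n in adj.get(stack.pop(), {}):
            if n not in seen:
                seen.add(n)
                stack.append(n)
    if dst not in seen:
        return Fraction(0)
    # Ground dst at 0 V, inject 1 A at src, solve the reduced Laplacian L v = i.
    nodes = [n for n in seen if n != dst]
    idx = {n: k for k, n in enumerate(nodes)}
    size = len(nodes)
    m = [[Fraction(0)] * (size + 1) for _ in range(size)]
    for n in nodes:
        for nb, g in adj[n].items():
            m[idx[n]][idx[n]] += g
            if nb != dst:
                m[idx[n]][idx[nb]] -= g
    m[idx[src]][size] = Fraction(1)
    # Gauss-Jordan without pivoting: the grounded Laplacian of a connected
    # component is positive definite, so every pivot is non-zero.
    for c in range(size):
        pivot = m[c][c]
        m[c] = [x / pivot for x in m[c]]
        for r in range(size):
            if r != c and m[r][c] != 0:
                f = m[r][c]
                m[r] = [x - f * y for x, y in zip(m[r], m[c])]
    return 1 / m[idx[src]][size]  # v_src equals R_total for a 1 A source

def without_peer(edges, peer):
    """Edge list after a peer leaves the network."""
    return [e for e in edges if peer not in e[:2]]

# Constructed smart-home example: hub reaches lock via two intermediate peers.
HOME = [("hub", "tv", 1), ("tv", "lock", 1), ("hub", "cam", 1), ("cam", "lock", 1)]
```

With `HOME`, the two parallel paths give a hub-to-lock conductance of 1; removing `cam` with `without_peer` leaves a single series path and the value drops to 1/2.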

Last Modification: 01.02.2021 - Contact Person: M.Sc. Frank Engelhardt