Security in the IoT: from energy-constrained nodes to cellular network architectures

In the Internet of Things (IoT) devices can communicate with each other, perform complex actions and take decisions in an autonomous way. IoT devices are expected to be in the tens of billions, very diverse and with different requirements. In particular, some IoT devices will be energy constrained and often deployed in hard-to-access places (e.g., underwater sensors, space sensors), while others will have no such energy constrains. The former type, in order to save energy, will require the use of low-energy technologies such as multi-hop routing and light-weight block-ciphers; the latter type, on the other hand, will be able to use cellular networks, WiFi and traditional Internet protocols. Given the very challenging operational conditions of energy-constrained devices, we look at new ways to provide energy-efficient data confidentiality in the IoT. Furthermore, while standardization bodies are working on new standards (e.g., 5G) in order to enable cellular networks to suppor billions of devices, the IoT can also be a vehicle for new attacks of massive scale against the network infrastructure itself (e.g., the cellular network). In order to protect against such large-scale attacks, we propose a new core-network architecture for mobile networks designed, among other things, to disable certain types of attacks (e.g., Distributed Denial of Service) from happening in the first place.