Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security
The Internet of Things (IoT) security is one of the most important issues developers have to face. Data tampering must be prevented in IoT devices and some or all of the confidentiality, integrity, and authenticity of sensible data files must be assured in most practical IoT applications, especially...
| Autores: | , , , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Estado: | Versión publicada |
| Fecha de publicación: | 2021 |
| País: | España |
| Institución: | Universidad de Sevilla (US) |
| Repositorio: | idUS. Depósito de Investigación de la Universidad de Sevilla |
| OAI Identifier: | oai:idus.us.es:11441/129557 |
| Acceso en línea: | https://hdl.handle.net/11441/129557 https://doi.org/10.3390/electronics10233036 |
| Access Level: | acceso abierto |
| Palabra clave: | LUKS Embedded systems Field Programmable Gate Array (FPGA) IoT |
| id |
ES_aa2ab121ec3eaeef189bd7eb7ceedc8e |
|---|---|
| oai_identifier_str |
oai:idus.us.es:11441/129557 |
| network_acronym_str |
ES |
| network_name_str |
España |
| repository_id_str |
|
| spelling |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT SecurityCano Quiveu, GermánRuiz de Clavijo Vázquez, PaulinoBellido Díaz, Manuel JesúsJuan Chico, JorgeViejo Cortés, JuliánGuerrero Martos, DavidOstúa Arangüena, EnriqueLUKSEmbedded systemsField Programmable Gate Array (FPGA)IoTThe Internet of Things (IoT) security is one of the most important issues developers have to face. Data tampering must be prevented in IoT devices and some or all of the confidentiality, integrity, and authenticity of sensible data files must be assured in most practical IoT applications, especially when data are stored in removable devices such as microSD cards, which is very common. Software solutions are usually applied, but their effectiveness is limited due to the reduced resources available in IoT systems. This paper introduces a hardware-based security framework for IoT devices (Embedded LUKS) similar to the Linux Unified Key Setup (LUKS) solution used in Linux systems to encrypt data partitions. Embedded LUKS (E-LUKS) extends the LUKS capabilities by adding integrity and authentication methods, in addition to the confidentiality already provided by LUKS. E-LUKS uses state-of-the-art encryption and hash algorithms such as PRESENT and SPONGENT. Both are recognized as adequate solutions for IoT devices being PRESENT incorporated in the ISO/IEC 29192- 2:2019 for lightweight block ciphers. E-LUKS has been implemented in modern XC7Z020 FPGA chips, resulting in a smaller hardware footprint compared to previous LUKS hardware implementations, a footprint of about a 10% of these LUKS implementations, making E-LUKS a great alternative to provide Full Disk Encryption (FDE) alongside authentication to a wide range of IoT devices.Ministerio de Economía y Competitividad TIN2017-89951-PMDPITecnología ElectrónicaMinisterio de Economía y Competitividad (MINECO). España2021info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfapplication/pdfhttps://hdl.handle.net/11441/129557https://doi.org/10.3390/electronics10233036reponame:idUS. Depósito de Investigación de la Universidad de Sevillainstname:Universidad de Sevilla (US)InglésElectronics, 10 (23), 3036-1-3036-22.TIN2017-89951-Phttps://www.mdpi.com/2079-9292/10/23/3036info:eu-repo/semantics/openAccessoai:idus.us.es:11441/1295572026-06-17T12:51:07Z |
| dc.title.none.fl_str_mv |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| title |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| spellingShingle |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security Cano Quiveu, Germán LUKS Embedded systems Field Programmable Gate Array (FPGA) IoT |
| title_short |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| title_full |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| title_fullStr |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| title_full_unstemmed |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| title_sort |
Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security |
| dc.creator.none.fl_str_mv |
Cano Quiveu, Germán Ruiz de Clavijo Vázquez, Paulino Bellido Díaz, Manuel Jesús Juan Chico, Jorge Viejo Cortés, Julián Guerrero Martos, David Ostúa Arangüena, Enrique |
| author |
Cano Quiveu, Germán |
| author_facet |
Cano Quiveu, Germán Ruiz de Clavijo Vázquez, Paulino Bellido Díaz, Manuel Jesús Juan Chico, Jorge Viejo Cortés, Julián Guerrero Martos, David Ostúa Arangüena, Enrique |
| author_role |
author |
| author2 |
Ruiz de Clavijo Vázquez, Paulino Bellido Díaz, Manuel Jesús Juan Chico, Jorge Viejo Cortés, Julián Guerrero Martos, David Ostúa Arangüena, Enrique |
| author2_role |
author author author author author author |
| dc.contributor.none.fl_str_mv |
Tecnología Electrónica Ministerio de Economía y Competitividad (MINECO). España |
| dc.subject.none.fl_str_mv |
LUKS Embedded systems Field Programmable Gate Array (FPGA) IoT |
| topic |
LUKS Embedded systems Field Programmable Gate Array (FPGA) IoT |
| description |
The Internet of Things (IoT) security is one of the most important issues developers have to face. Data tampering must be prevented in IoT devices and some or all of the confidentiality, integrity, and authenticity of sensible data files must be assured in most practical IoT applications, especially when data are stored in removable devices such as microSD cards, which is very common. Software solutions are usually applied, but their effectiveness is limited due to the reduced resources available in IoT systems. This paper introduces a hardware-based security framework for IoT devices (Embedded LUKS) similar to the Linux Unified Key Setup (LUKS) solution used in Linux systems to encrypt data partitions. Embedded LUKS (E-LUKS) extends the LUKS capabilities by adding integrity and authentication methods, in addition to the confidentiality already provided by LUKS. E-LUKS uses state-of-the-art encryption and hash algorithms such as PRESENT and SPONGENT. Both are recognized as adequate solutions for IoT devices being PRESENT incorporated in the ISO/IEC 29192- 2:2019 for lightweight block ciphers. E-LUKS has been implemented in modern XC7Z020 FPGA chips, resulting in a smaller hardware footprint compared to previous LUKS hardware implementations, a footprint of about a 10% of these LUKS implementations, making E-LUKS a great alternative to provide Full Disk Encryption (FDE) alongside authentication to a wide range of IoT devices. |
| publishDate |
2021 |
| dc.date.none.fl_str_mv |
2021 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
https://hdl.handle.net/11441/129557 https://doi.org/10.3390/electronics10233036 |
| url |
https://hdl.handle.net/11441/129557 https://doi.org/10.3390/electronics10233036 |
| dc.language.none.fl_str_mv |
Inglés |
| language_invalid_str_mv |
Inglés |
| dc.relation.none.fl_str_mv |
Electronics, 10 (23), 3036-1-3036-22. TIN2017-89951-P https://www.mdpi.com/2079-9292/10/23/3036 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf application/pdf |
| dc.publisher.none.fl_str_mv |
MDPI |
| publisher.none.fl_str_mv |
MDPI |
| dc.source.none.fl_str_mv |
reponame:idUS. Depósito de Investigación de la Universidad de Sevilla instname:Universidad de Sevilla (US) |
| instname_str |
Universidad de Sevilla (US) |
| reponame_str |
idUS. Depósito de Investigación de la Universidad de Sevilla |
| collection |
idUS. Depósito de Investigación de la Universidad de Sevilla |
| repository.name.fl_str_mv |
|
| repository.mail.fl_str_mv |
|
| _version_ |
1869416138954244096 |
| score |
15.81155 |