Secure storage and transfer of data in a smart lock system

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu | Master's thesis
Date
2017-04-03
Department
Major/Subject
Computer Science
Mcode
SCI3042
Degree programme
Master’s Programme in Computer, Communication and Information Sciences
Language
en
Pages
66+6
Series
Abstract
The Internet of Things plays a bigger and bigger role in our everyday life. One example of IoT devices are smart locks. Lukoton Experience Oy is a Finnish company working on smart lock systems for businesses. The aims of this work were to analyse their existing smart lock system from the security perspective and to design a new system using the opportunities of an Atmel Corporation EEPROM chip with embedded cryptographic functions. Subsequent to this, the new design was compared to the existing system as well as to similar products on the market. The new system uses AES encryption in CCM mode, stores the keys only in a protected EEPROM chip and the cloud server, and uses Bluetooth Low Energy and HTTPS channels for sending data. The paper presents the new system in detail and shows that it is more secure than the existing one by providing authentication and message integrity as well as better protection of the chip at hardware and software level. It rejects all common attacks and stops Replay attacks at an earlier stage. The new system also resists attacks that many analogues on the market are susceptible to.
Description
Supervisor
Orponen, Pekka
Thesis advisor
Nyberg, Kaisa
Juntunen, Jarkko
Keywords
cryptography, data exchange, information security, internet of things, replay attack, smart locks
Other note
Citation