Secure storage and transfer of data in a smart lock system
Loading...
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu |
Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Author
Date
2017-04-03
Department
Major/Subject
Computer Science
Mcode
SCI3042
Degree programme
Master’s Programme in Computer, Communication and Information Sciences
Language
en
Pages
66+6
Series
Abstract
The Internet of Things plays a bigger and bigger role in our everyday life. One example of IoT devices are smart locks. Lukoton Experience Oy is a Finnish company working on smart lock systems for businesses. The aims of this work were to analyse their existing smart lock system from the security perspective and to design a new system using the opportunities of an Atmel Corporation EEPROM chip with embedded cryptographic functions. Subsequent to this, the new design was compared to the existing system as well as to similar products on the market. The new system uses AES encryption in CCM mode, stores the keys only in a protected EEPROM chip and the cloud server, and uses Bluetooth Low Energy and HTTPS channels for sending data. The paper presents the new system in detail and shows that it is more secure than the existing one by providing authentication and message integrity as well as better protection of the chip at hardware and software level. It rejects all common attacks and stops Replay attacks at an earlier stage. The new system also resists attacks that many analogues on the market are susceptible to.Description
Supervisor
Orponen, PekkaThesis advisor
Nyberg, KaisaJuntunen, Jarkko
Keywords
cryptography, data exchange, information security, internet of things, replay attack, smart locks