Cryptology ePrint Archive: Report 2017/316

Exploring Potential 6LoWPAN Traffic Side Channels

Yan Yan and Elisabeth Oswald and Theo Tryfonas

Abstract: The Internet of Things (IoT) has become a reality: small connected devices feature in everyday objects including childrens' toys, TVs, fridges, heating control units, etc. Supply chains feature sensors throughout, and significant investments go into researching next-generation healthcare, where sensors monitor wellbeing. A future in which sensors and other (small) devices interact to create sophisticated applications seems just around the corner. All of these applications have a fundamental need for security and privacy and thus cryptography is deployed as part of an attempt to secure them. In this paper we explore a particular type of flaw, namely side channel information, on the protocol level that can exist despite the use of cryptography. Our research investigates the potential for utilising packet length and timing information (both are easily obtained) to extract interesting information from a system. We find that using these side channels we can distinguish between devices, different programs running on the same device including which sensor is accessed. We also find it is possible to distinguish between different types of ICMP messages despite the use of encryption. Based on our findings, we provide a set of recommendations to efficiently mitigate these side channels in the IoT context.

Category / Keywords: applications / 6LoWPAN, Side Channels, Traffic Analysis

Date: received 10 Apr 2017, last revised 12 Apr 2017

Contact author: yanyansmajesty at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20170414:173202 (All versions of this report)

Short URL: ia.cr/2017/316

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]