Sizzle - Securing the Embedded Internet

As the number of potential applications for wireless sensor devices grows, so does the need to simplify and secure interaction with these devices. Embedding a secure web server (capable of HTTP over SSL, aka HTTPS) inside these devices enables them to be monitored and controlled securely via a user-friendly browser-based interface. This idea led to the development of a small secure web server for wireless sensors, nicknamed "Sizzle", by Sun Microsystems Laboratories.

This thesis presents several enhancements of Sizzle's architecture, made with the goal of improving its performance, energy efficiency, and reliability. These enhancements include the implementation of an energy-conserving communication protocol, capable of low-power listening for incoming service requests, and the porting of Sizzle to a new platform with a faster processor and faster networking. SSL key exchanges based on RSA and Elliptic Curve Cryptography are compared on different wireless sensor platforms, and an empirical analysis of the energy consumption of SSL on the Telos platform is presented.

According to popular perception, public-key cryptography is beyond the capabilities of highly constrained, "mote"-like, embedded devices. We show that elliptic curve cryptography not only makes public-key cryptography feasible on these devices, it allows one to create a complete secure web server stack that runs efficiently within very tight resource constraints. Our smallfootprint HTTPS stack, nicknamed Sizzle, has been implemented on multiple generations of the Berkeley/Crossbow motes where it runs in less than 4KB of RAM, completes a full SSL handshake in 1 second (session reuse takes 0.5 seconds) and transfers 1 KB of application data over SSL in 0.4 seconds. Sizzle is the world's smallest secure web server and can be embedded inside home appliances, personal medical devices, etc., allowing them to be monitored and controlled remotely via a web browser without sacrificing end-to-end security.

A client node is communicatively coupled to a gateway node via a TCP/IP network. One or more constrained devices that include a wireless receiver/transmitter circuit communicate with the gateway node via a wireless network. The gateway node includes a web server that provides a dynamic web page accessible by the client node that has a list of the one or more active constrained devices on the wireless network. Each device entry in the list includes a URL that acts as an entry point for the client node to communicate with a web server in a corresponding constrained device. The gateway node automatically discovers a new device on the wireless network and populates the list of the one or more active constrained devices with the newly present constrained device. The new constrained device may be detected based on a periodic message sent by the constrained device indicating the constrained device has turned on its receiver/transmitter circuit for a period of time.