IoT security - TLS IPSec with AES

0 votes

I need some sort of a protection for my device data being transmitted to the cloud server using an MQTT broker. And, because I've been using STM32 for my IoT devices, TLS does not seem like a good option due to the limited ROM of about 60K on the STM32 board. Also, I'm depending on GPRS for communication, which doesn't support TLS either. Now, I've been considering using IPSec for my transport layer security as having only AES is just not enough.

Can someone please guide me on the following set of questions so that I can effectively have secure transactions?

  • Can I use TLS in this environment with limited ROM?
  • Can IPSec be used for such IoT environments?
  • If IPSec works, will just AES and IPSec be sufficient or will I still need to consider other security options?

Oct 16, 2018 in IoT (Internet of Things) by Bharani
• 4,660 points
1,106 views

1 answer to this question.

0 votes
TBH, IPSec endpoints are really uncommon. And, since it's a tunneling technology, you'll be needing two tunnel endpoints; one on your IoT device and the other in your cloud server where you'll be sending the data.

Hence, I'd recommend you go with TLS. Now, I'm not entirely sure how much ROM a TLS implementation would need, but you should be able to decrease the size by compiling the TLS library yourself. TLS libraries are generally large because they support 4 SSL/TLS versions and dozens of ciphers. So, if you disable all the unused modes (SSL, TLSv1, TLSv1.1) and ciphers that your cloud service supports, and just keep TLSv1.2 along with one or two ciphers, you should be able to solve your limited ROM problem by adapting them in your TLS library accordingly.
answered Oct 16, 2018 by DataKing99
• 8,250 points

Related Questions In IoT (Internet of Things)

0 votes
1 answer
0 votes
1 answer

Display time in a Windows Core IoT app with a clock!

It is possible, but you should understand ...READ MORE

answered Jul 10, 2018 in IoT (Internet of Things) by nirvana
• 3,130 points
1,517 views
0 votes
1 answer

AWS IoT - Access shadow through .Net, REST, with certificate

If you want to publish and/or subscribe ...READ MORE

answered Jul 25, 2018 in IoT (Internet of Things) by anonymous2
• 4,280 points
1,982 views
0 votes
1 answer

Displaying Table Schema using Power BI with Azure IoT Hub

Answering your first question, Event Hubs are ...READ MORE

answered Aug 1, 2018 in IoT (Internet of Things) by nirvana
• 3,130 points
1,200 views
0 votes
1 answer

Identification of vulnerable code in an IoT node

The software running on a device is ...READ MORE

answered Aug 30, 2018 in IoT (Internet of Things) by Annie97
• 2,160 points
649 views
0 votes
2 answers

Unable to find valid certification path to requested target

Unfortunately - it could be many things ...READ MORE

answered Dec 15, 2020 in Java by Roshni
• 10,520 points
42,271 views
0 votes
1 answer

Enable https on a Linux system

Hi @hannah, you can execute the following ...READ MORE

answered Dec 13, 2019 in Linux Administration by Priyaj
688 views
0 votes
1 answer
0 votes
1 answer

Autostart published Application on Windows 10 IoT

It can be done by making changes ...READ MORE

answered Jul 13, 2018 in IoT (Internet of Things) by DataKing99
• 8,250 points
1,751 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP