Securing sensor data transmission with ethernet elliptic curve cryptography secure socket layer on STM32F103 device

This is from a research paper
By Seniman Seniman, Baihaqi Siregar, Rani Masyithah Pelle, Fahmi Fahmi
Hardware Components
ARM STM32F103 x 1
Ethernet Shield x 1
Sensor x 1

Internet of things (IoT) devices have developed widely and rapidly. IoT systems use various communication media, including wired ethernet [1-3], Wi-Fi [4-8], and cellular communication [9-11], in a client-server network model. IoT devices usually read sensor data and send it to a remote server. Users can then view reports from the IoT devices in desktop, Android, or web-based applications [12, 13], or even control the device [14]. Securing data transmission in the client-server network model is essential, since there are many kinds of attacks within the network [15-17]. IoT developers should consider implementing the SSL protocol in their systems against possible networking or cyber-attacks. IoT devices are also very vulnerable to being hacked [18, 19]. Some SSL protocol implementations already exist for IoT devices, such as on the Espressif ESP8266 and ESP32 microcontrollers [6-8], but this feature supports only Wi-Fi networks. Embedded systems and IoT platforms based on single-board computers have complete support for the SSL protocol. These systems are installed with OpenSSL, which has a mature SSL protocol implementation [20-22]. However, this technology comes at quite a high price, with longer start-up time and higher power consumption [22].

For the STM32 IoT developer, there is official support for the SSL protocol using MbedTLS with an ethernet controller, but this feature has only been ported to high-performance device families such as the STM32F407. In addition, a TCP/IP stack must be implemented and an external ethernet PHY (physical layer) must be attached. There is a simpler solution, though its development is more challenging: using a cheaper STM32F103 microcontroller with a WIZnet W5100/W5500 ethernet shield. Although the STM32F103 has minimal resources, 128 KB of flash memory and 20 KB of RAM, with the help of the W5500 ethernet module it does not need to work hard to handle the TCP/IP stack. The W5500 integrates 8 dedicated sockets with a TCP/IP stack. Our previous research also studied the use of this ethernet module [23].

In this research, the MbedTLS SSL protocol library was studied, and the researchers added SSL protocol support to an STM32F103 and W5500 based MbedTLS library. The result is an STM32F103 SSL client device for wired ethernet communication. Because of the limitations of the STM32F103 microcontroller, not all SSL cipher suites can be integrated into the system. Our research integrated the ECDHE ECDHA AES128 CBC SHA256 SSL cipher suite into the system. The working system, the STM32F103 SSL client device, was able to secure sensor data transmission to a remote server. This system was expected to be better than AVR or Arduino based IoT devices, which have no secure communication feature.
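
Running MbedTLS over the W5500's hardware sockets comes down to two transport callbacks; the sketch below is an added example, not the researchers' code, showing their shape against a host-side mock. The `mock_sock` type and the `sock_*` helpers are hypothetical stand-ins for the WIZnet driver calls, and the two error values are copied from the MbedTLS headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Values as defined in mbedTLS ssl.h; guarded so the real headers win on target. */
#ifndef MBEDTLS_ERR_SSL_WANT_READ
#define MBEDTLS_ERR_SSL_WANT_READ  (-0x6900)
#define MBEDTLS_ERR_SSL_WANT_WRITE (-0x6880)
#endif

/* Hypothetical host-side mock of one W5500 hardware socket (constructed;
 * on target the sock_* helpers would wrap the WIZnet driver calls). */
typedef struct { uint8_t rx[64]; uint16_t rx_len, tx_free; uint32_t tx_total; } mock_sock;

static uint16_t sock_rx_available(mock_sock *s) { return s->rx_len; }
static uint16_t sock_tx_free(mock_sock *s)      { return s->tx_free; }
static void sock_read(mock_sock *s, uint8_t *dst, uint16_t n) {
    memcpy(dst, s->rx, n);
    memmove(s->rx, s->rx + n, (size_t)(s->rx_len - n));
    s->rx_len = (uint16_t)(s->rx_len - n);
}
static void sock_write(mock_sock *s, const uint8_t *src, uint16_t n) {
    (void)src; s->tx_free = (uint16_t)(s->tx_free - n); s->tx_total += n;
}

/* Receive callback in the shape mbedTLS expects: never block, never read more
 * than the chip has buffered, and report "try again" instead of returning 0
 * (mbedTLS treats a 0 return as end of stream). */
int w5500_bio_recv(void *ctx, unsigned char *buf, size_t len) {
    mock_sock *s = (mock_sock *)ctx;
    uint16_t avail = sock_rx_available(s);
    if (avail == 0) return MBEDTLS_ERR_SSL_WANT_READ;
    uint16_t n = (len < avail) ? (uint16_t)len : avail;
    sock_read(s, buf, n);
    return (int)n;
}

/* Send callback: clamp to free TX buffer space so a TLS record larger than
 * the socket buffer goes out in pieces; mbedTLS calls again for the rest. */
int w5500_bio_send(void *ctx, const unsigned char *buf, size_t len) {
    mock_sock *s = (mock_sock *)ctx;
    uint16_t room = sock_tx_free(s);
    if (room == 0) return MBEDTLS_ERR_SSL_WANT_WRITE;
    uint16_t n = (len < room) ? (uint16_t)len : room;
    sock_write(s, buf, n);
    return (int)n;
}
```

On the target, callbacks of this shape are registered with `mbedtls_ssl_set_bio()`, passing the socket handle as the context pointer.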

System Architecture
