A Handshake Protocol With Unbalanced Cost for Wireless Updating

Wireless updating is an essential method to update system files or fix bugs in Internet of Things (IoT) devices. A significant and challenging problem in wireless updating is security. First, without security guarantees, attackers can utilize the updating procedure to install harmful programs into the victim devices. Second, it is challenging to provide security for wireless updating, since in many IoT scenarios, the devices to be updated are computationally limited devices and located far from the center that issues update files. Currently, there are two types of solution to protect the wireless updating. The first one is the transport layer security (TLS) protocol or secure sockets layer (SSL) protocol that are used by wireless updating schemes for mobile terminals with the following operation systems: Windows, Debian, Android, and iOS. Another solution is the elliptic curve Diffie-Hellman (ECDH)-based handshake in the software-defined function (SDF) wireless updating scheme for the IoT devices. However, both the two solutions require equal computation tasks on the update file issuing center and the device to be updated. Normally, the former is much powerful than the latter. Therefore, to further address the security problem in wireless updating, we propose a novel solution with unbalanced computation costs on the two parties. In particular, we design an improved ECDH-based handshake protocol for the SDF wireless updating scheme, namely, the unbalanced OpenFunction handshake protocol. The protocol transfers significant computation task from the limited IoT device to the powerful center. The security of the protocol is analyzed. A prototype is realized to test the performance of the protocol. The experiment results show that in the same experimental platform, our protocol is much lightweight than the TLS handshake protocol and SSL handshake protocol.