Securing Internet of Things Applications with Mbed TLS

Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) are popular communication security protocols. They have a long history of securing application traffic for web and smartphone applications. Today, they are also used extensively to secure Internet of Things (IoT) communication. At Arm, for example, we use TLS and DTLS in our IoT Device Management communication, as part of our Pelion platform.

The use of TLS and DTLS in IoT is not surprising because IoT applications require communication security, and these security protocols have been deployed at scale successfully for a long time.

Understanding TLS and DTLS is, therefore, important for every engineer, and this webinar series offers an easy way to increase your knowledge. These hands-on sessions aim to further your understanding of the details, even if you are only exposed to the functionality as part of a larger IoT stack and you do not plan to implement it yourself.

Due to the popularity of TLS and DTLS, various extensions and optimizations have been standardized. While this gives developers choice in tailoring the security protocol to a specific environment, it can also feel overwhelming to some. Mbed TLS, a popular embedded TLS/DTLS stack, also offers compile-time and runtime options to lower code size, RAM utilization, and over-the-wire overhead.

In this webinar series I explain when and how to use various extensions. To make it practical, Mbed TLS-specific configuration options are explained and illustrated based on the Keil µVision 5 IDE.

Videos, example code, and slides can be downloaded from https://www2.keil.com/mbed/mbedtls. This webinar series is structured as follows:

  • Part #1 talks about pre-shared secret-based authentication in TLS 1.2.
  • Part #2 explains public key-based authentication in TLS 1.2.
  • Part #3 explains the motivation behind the use of hardware-based random number generators and offers a description of how to integrate them into the Mbed TLS stack.
  • Part #4 focuses on DTLS.

If you are interested in TLS and DTLS, you will most likely also find the recent publication of the SecureMark-TLS benchmark relevant. A short introduction to this new EEMBC benchmark can be found at https://www.eembc.org/securemark/. The webinar about Lightweight Machine-to-Machine (LwM2M) communication may also be of interest if you want to secure an IoT device management solution.
