Sizzle: A Standards-based End-to-End Security Architecture for the Embedded Internet

Sizzle: A Standards-based End-to-End Security Architecture for the Embedded Internet

Vipul Gupta, Michael Wurm, Yu Zhu, Matthew Millard, Stephen Fung, Nils Gura, Hans Eberle, Sheueling Chang Shantz

01 June 2005

According to popular perception, public-key cryptography is beyond the capabilities of highly constrained, "mote"-like, embedded devices. We show that elliptic curve cryptography not only makes public-key cryptography feasible on these devices, it allows one to create a complete secure web server stack that runs efficiently within very tight resource constraints. Our smallfootprint HTTPS stack, nick-named Sizzle, has been implemented on multiple generations of the Berkeley/Crossbow motes where it runs in less than 4KB of RAM, completes a full SSL handshake in 1 second (session reuse takes 0.5 seconds) and transfers 1 KB of application data over SSL in 0.4 seconds. Sizzle is the world's smallest secure web server and can be embedded inside home appliances, personal medical devices, etc., allowing them to be monitored and controlled remotely via a web browser without sacrificing end-to-end security.

This report is an extended version of a paper that received the 'Mark Weiser Best Paper Award' at the Third IEEE International Conference on Pervasive Computing and Communications (PerCom), Hawaii, March 2005.


Venue : N/A

File Name : smli_tr-2005-145.pdf