Supplier eBooks

Renesas - Secure Your connected World

Issue link: https://resources.mouser.com/i/1437738

Page 19 of 27

• Encryption: The messages exchanged between communicating applications are encrypted to ensure that the connection is private, with symmetric cryptography used for data encryption.
• Authentication: A certificate-based mechanism is used to verify identity.
• Integrity: To ensure that a connection is reliable and that messages arrive intact, Message Authentication Code (MAC) mechanisms detect message tampering and forgery.

Datagram Transport Layer Security (DTLS) is a communications protocol designed to secure datagram-based communications and prevent eavesdropping and tampering. It is based on the TLS protocol and provides a similar level of security. It can be used across web browsing, mail, instant messaging and VoIP. DTLS employs the User Datagram Protocol (UDP), while TLS uses the Transmission Control Protocol (TCP). As a result, DTLS offers lower overhead and reduced latency than TLS, making it a good choice for time-sensitive transmissions. DTLS is one of the security protocols used by Web Real Time Communication (WebRTC), the technology that web browsers expose through simple JavaScript APIs.

Secure IoT and Cloud Communication

The recent growth of the Internet of Things (IoT) and cloud computing has introduced new requirements for secure digital communication. The IoT comprises a sprawling set of technologies and connected smart devices such as sensors and actuators that intelligently link together to enable new forms of communication between and among things and people. In the process, IoT devices generate massive amounts of data, and cloud computing provides a pathway to enable data to travel to its intended destination, or to perform computations that are beyond the often-limited processing power of IoT devices. IoT use cases include smart homes, smart cities, wearables, e-health, agriculture, and energy management. These smart networks have the capability to collect and analyze information and even make decisions without any human interaction.
In these scenarios, digital communication security is of utmost importance given the impact that could result from a malicious unauthenticated device in an IoT system. Although the security requirements of an IoT network (the need for confidentiality, integrity, or authentication) are largely defined by the type of applications it serves, traditional authentication or cryptographic approaches might not be possible with resource-limited IoT devices and networks. IoT devices need to authenticate and be provisioned to use cloud services. Most cloud providers today use combinations of HyperText Transfer Protocol (HTTP), Message Queuing Telemetry Transport (MQTT), and Constrained Application Protocol (CoAP) for data transmissions secured via TLS/DTLS using provisioning certificates and keys generated against device credentials or through side-channel mechanisms. HTTP is the underlying protocol used by the World Wide Web. It was designed for communication between web browsers and web servers, but it can also be used for other purposes. However, HTTP was originally designed as a clear text protocol, and is vulnerable to eavesdropping and man-in-the-middle attacks. HyperText Transfer Protocol Secure (HTTPS) is an extension of HTTP and is used for secure communication over computer networks and the internet. HTTPS augments HTTP with TLS encryption to ensure all data exchanged between networked devices is encrypted in both directions. This is achieved through PKI and the use of X.509 certificates to attach cryptographic key pairs to the identities of trusted devices, individuals, companies and websites. If the certificate presented by an HTTPS website has been signed by a publicly trusted certificate authority, users can be assured that the identity of the website has been validated by a trusted third party. Each key pair includes a private key, which is kept secure, and a public key, which can be widely distributed. 
The private key acts as a decoder to allow its possessor to decrypt messages encrypted by the public key. Senders can also use private keys as a way to digitally sign messages. Even though the internet itself is an insecure network, the cryptographic system establishes a safe connection within the network. HTTP-based protocols are too heavyweight for most IoT devices, and request-response speed often isn't fast enough. Much more lightweight, MQTT is a client-server publish-
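The three TLS guarantees listed above (encryption, certificate-based authentication, MAC-protected integrity) and the certificate-based provisioning described for IoT devices talking to cloud services both come down to one mechanism: a mutual TLS handshake in which each side proves possession of a private key whose public half is certified by a CA the other side trusts. The Go program below is an added illustration, not code from Renesas or from the eBook. It builds a throwaway fleet root CA, issues a server certificate and a device certificate from it, and then shows what a cloud endpoint configured to require device certificates does with three callers: the provisioned device, an impostor that presents a self-signed certificate carrying the same device name, and a device with no certificate at all. The names fleet-root-ca, iot-broker and sensor-0001, the loopback listener and the 24-hour validity are all constructed for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// issueCert makes a P-256 key pair plus a certificate for cn signed by parent; a nil parent means self-signed.
func issueCert(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()), // demo-only serial; a real CA tracks these
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		IPAddresses:           []net.IP{net.IPv4(127, 0, 0, 1)}, // SAN matching the loopback demo server
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed: the fleet root, or an impostor's own certificate
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// peerConfig serves either side: present cert (nil = unprovisioned), trust only the fleet CA, and as a server demand a device cert.
func peerConfig(cert *x509.Certificate, key *ecdsa.PrivateKey, ca *x509.Certificate) *tls.Config {
	pool := x509.NewCertPool()
	pool.AddCert(ca)
	cfg := &tls.Config{RootCAs: pool, ClientCAs: pool, ClientAuth: tls.RequireAndVerifyClientCert, MinVersion: tls.VersionTLS12}
	if cert != nil {
		cfg.Certificates = []tls.Certificate{{Certificate: [][]byte{cert.Raw}, PrivateKey: key}}
	}
	return cfg
}

// connect runs one handshake over loopback; the server echoes the CommonName it verified, and any rejection reaches the device as an error.
func connect(srv, dev *tls.Config) (string, error) {
	ln, err := tls.Listen("tcp", "127.0.0.1:0", srv)
	if err != nil {
		return "", err
	}
	defer ln.Close()
	go func() {
		conn, err := ln.Accept()
		if err != nil {
			return
		}
		defer conn.Close()
		tc := conn.(*tls.Conn)
		if tc.Handshake() == nil { // on failure the rejection alert has already been sent to the peer
			fmt.Fprint(tc, tc.ConnectionState().PeerCertificates[0].Subject.CommonName)
		}
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), dev)
	if err != nil {
		return "", err
	}
	defer conn.Close()
	buf := make([]byte, 128)
	n, err := conn.Read(buf) // under TLS 1.3 a server-side rejection surfaces here, not in Dial
	if err != nil {
		return "", err
	}
	return string(buf[:n]), nil
}

func main() {
	ca, caKey, _ := issueCert("fleet-root-ca", true, nil, nil)
	srvCert, srvKey, _ := issueCert("iot-broker", false, ca, caKey)
	devCert, devKey, _ := issueCert("sensor-0001", false, ca, caKey)
	rogueCert, rogueKey, _ := issueCert("sensor-0001", false, nil, nil) // same name, but not issued by the fleet CA
	for _, dev := range []*tls.Config{peerConfig(devCert, devKey, ca), peerConfig(rogueCert, rogueKey, ca), peerConfig(nil, nil, ca)} {
		id, err := connect(peerConfig(srvCert, srvKey, ca), dev)
		fmt.Printf("identity=%q err=%v\n", id, err)
	}
}
```

Running it prints one line per attempt; only the provisioned device yields an identity, while the impostor fails with an unknown-authority error and the bare device with a certificate-required error. Two points worth noting for real deployments: the server identifies the device from the certificate's verified subject rather than from anything the device claims in its messages, and under TLS 1.3 the device's Dial returns before the server has evaluated the client certificate, so a rejection shows up on the first read rather than on the handshake call, which is why connect reads a reply before treating the connection as authenticated.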
