Abstract: The Internet of Things or IoT is a rapidly growing phenomenon. Many of the devices around us are getting connected to the Internet, becoming "smart" in the process. However, increased connection to the Internet invites possible cyber-attacks from multiple directions. One of the fundamental problems of IoT devices is that they are bought and deployed in batches. Therefore, a majority of IoT devices deployed remain with the default factory assigned username/password combination as the only means for authentication. This makes it very easy to brute force into these devices and take control of them. The Mirai botnet attack that took down the Dyn DNS and consequently many other important sites last October, used a DDOS attack. The attack formed its botnet by brute forcing into IoT devices using default username and password combinations. One way to protect against this kind of brute force attack is to use key-based authentication as well for encrypted communication among IoT devices. This work proposes multiple architectures and protocols to enable key-based authentication for IoT devices, leveraging the blockchain technology. This work also describes a scalable simulator in NS3 to test IoT specific public key infrastructure on blockchain and corresponding communication protocols.
MTech Thesis Defences
Saptarshi Gan, 12807624