Abstract
IoT devices typically have limited memory resources and computing power. For this reason, it is often not possible to use the authentication and trusted-environment mechanisms commonly used on the Internet. Because IoT devices operate autonomously, solutions that require user interaction should be excluded. Additionally, because of the limited capabilities of IoT devices, mechanisms that perform complex cryptographic operations are not always recommended either. This paper proposes a set of mechanisms for building a trusted IoT environment using a hardware TPM 2.0 module. The developed set includes procedures for securely registering nodes in the network, designed for use in an untrusted and uncontrolled environment. The authors also propose a device authentication protocol based on the Proof of Knowledge concept that uses the PCR registers maintained by the TPM. The solution also implements a symmetric key distribution protocol based on the KTC (Key Translation Centre) scheme, using the direct method. The developed procedures can be used in networks whose nodes have limited memory resources and low computing power. The communication interface used in the developed demonstrator is LoRa (Long Range), for which a proprietary method of identifying network devices has been proposed to ensure the confidentiality of the communicating parties' identities.
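The abstract names three building blocks: TPM PCR state, a Proof-of-Knowledge authentication over that state, and a KTC-based symmetric key distribution. The following Python model, added here as an illustration and not code from the paper or its authors, shows how those pieces fit together in the generic form of each scheme. The PCR-extend rule follows TPM 2.0 (new = H(old || H(measurement))); the challenge-response construction, the message layout, the key names `k_at`/`k_bt`, and the HMAC-based toy key wrap are assumptions made for this example and are not the paper's protocol. Sample measurements and identities are constructed.

```python
"""Added illustration (not the paper's own code): TPM-style PCR extension,
a challenge-response proof of knowledge of the PCR state, and a Key
Translation Centre (KTC) forwarding a session key from node A to node B.
The key wrap below is a toy HMAC construction for a stand-alone demo;
a real deployment would use an AEAD such as AES-GCM or AES-CCM."""
import hashlib
import hmac
import secrets

DIGEST = hashlib.sha256          # TPM 2.0 SHA-256 PCR bank
PCR_LEN = DIGEST().digest_size   # 32 bytes


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM2 PCR_Extend semantics: new = H(old || H(measurement))."""
    return DIGEST(pcr + DIGEST(measurement).digest()).digest()


def boot_pcr(measurements) -> bytes:
    """Replay a boot chain into one PCR, starting from the all-zero reset value."""
    pcr = bytes(PCR_LEN)
    for m in measurements:
        pcr = pcr_extend(pcr, m)
    return pcr


# --- Proof of knowledge of the PCR state (assumed construction) ---------------
def pok_response(device_secret: bytes, pcr: bytes, nonce: bytes) -> bytes:
    """Device answers a fresh nonce with a MAC keyed by (secret, current PCR).
    Neither the secret nor the PCR value leaves the device."""
    k = hmac.new(device_secret, b"pok" + pcr, DIGEST).digest()
    return hmac.new(k, nonce, DIGEST).digest()


def verify_pok(device_secret: bytes, expected_pcr: bytes, nonce: bytes, response: bytes) -> bool:
    """Verifier recomputes the answer from the golden PCR value; any change in
    the measured boot chain (or a replayed nonce) makes the check fail."""
    expected = pok_response(device_secret, expected_pcr, nonce)
    return hmac.compare_digest(expected, response)


# --- Toy authenticated key wrap for the KTC exchange (illustrative only) -----
def wrap(key: bytes, plaintext: bytes, aad: bytes) -> bytes:
    """Encrypt-then-MAC with an HMAC-derived keystream; plaintext <= 32 bytes."""
    assert len(plaintext) <= PCR_LEN
    nonce = secrets.token_bytes(16)
    stream = hmac.new(key, b"enc" + nonce, DIGEST).digest()
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + aad + ct, DIGEST).digest()
    return nonce + ct + tag


def unwrap(key: bytes, blob: bytes, aad: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    calc = hmac.new(key, b"mac" + nonce + aad + ct, DIGEST).digest()
    if not hmac.compare_digest(calc, tag):
        raise ValueError("authentication failed: tampered blob or wrong identities")
    stream = hmac.new(key, b"enc" + nonce, DIGEST).digest()
    return bytes(c ^ s for c, s in zip(ct, stream))


def ktc_distribute(k_at: bytes, k_bt: bytes, a_id: bytes, b_id: bytes):
    """Direct KTC: A chooses the session key Ks and sends it to the centre T
    under K_AT; T unwraps it and re-wraps it under K_BT for B. The identities
    are bound as associated data so a blob cannot be redirected to another pair.
    Returns (key chosen by A, key recovered by B)."""
    ks = secrets.token_bytes(32)
    msg_a_to_t = wrap(k_at, ks, a_id + b_id)      # A -> T
    ks_at_t = unwrap(k_at, msg_a_to_t, a_id + b_id)
    msg_t_to_b = wrap(k_bt, ks_at_t, a_id + b_id)  # T -> B
    ks_at_b = unwrap(k_bt, msg_t_to_b, a_id + b_id)
    return ks, ks_at_b


if __name__ == "__main__":
    # Constructed sample boot chain and keys.
    golden = boot_pcr([b"bootloader-v1", b"kernel-v1", b"app-v1"])
    tampered = boot_pcr([b"bootloader-v1", b"kernel-v1", b"app-modified"])
    secret, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
    print("good device:", verify_pok(secret, golden, nonce, pok_response(secret, golden, nonce)))
    print("tampered device:", verify_pok(secret, golden, nonce, pok_response(secret, tampered, nonce)))
    ks_a, ks_b = ktc_distribute(secrets.token_bytes(32), secrets.token_bytes(32), b"node-A", b"node-B")
    print("KTC key agreed:", ks_a == ks_b)
```

The two checks a practitioner should take from this model: the verifier never needs the device to disclose its PCR contents or secret, only to answer a fresh nonce, and the KTC never learns anything it does not have to, since it only translates the wrapping of Ks from one long-term key to the other while the bound identities prevent a wrapped key from being replayed towards a different node pair.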