Judson Wilson: 2016 IoT Workshop
Thursday, April 14, 2016
Location: Fisher Conference Center, Arrillaga Alumni Center
"Auditing IoT Communications with TLS-RaR"
Joint work with Henry Corrigan-Gibbs, Riad S. Wahby, Dan Boneh, Philip Levis, and Keith Winstein
Today's homes increasingly host a menagerie of networked products: televisions, teddy bears, thermostats, baby monitors, picture frames, refrigerators, etc. In allowing these devices to communicate with cloud servers over TLS-encrypted connections, device owners must trust that their devices act honestly and respect their privacy. This is because, unlike prior Internet endpoints such as Web browsers and smartphones, Internet-of-Things devices rarely allow owners to modify the set of TLS certificates that the device trusts. Permitting such modification could allow owners to falsify billing data, attack the cloud service, or expose their device to compromise.
We introduce a family of protocols, called TLS Rotate and Release (TLS-RaR), that allow trusted devices, called "auditors", to decrypt but not modify TLS traffic. Unlike prior work, TLS-RaR requires no changes to TLS's wire format, is compatible with the TLS 1.3 draft, and already works with some TLS servers in the wild today. TLS-RaR will allow owners, consumer watchdogs, and independent researchers to audit what data their devices send without compromising the devices' integrity.
Judson Wilson received his B.S. in Mechanical Engineering from U.C. Berkeley in 2007. Afterwards he spent 5 years designing embedded electric power quality monitors at Power Standards Lab in Alameda, CA. He then began studies at Stanford University in 2012, earning an M.S. in Electrical Engineering, and spending summers at Apple, NVIDIA, and Bosch Research. He is currently researching systems software and networking in pursuit of a Ph.D. under the guidance of his advisor Philip Levis.