2016 Poster Sessions: Auditing IoT Communications with TLS-RaR

Student Name: Judson Wilson
Advisor: Philip Levis
Research Areas: Information Systems
Coauthors:
Henry Corrigan-Gibbs, Riad S. Wahby, Dan Boneh, Philip Levis, Keith Winstein

Abstract:
Today's homes increasingly host a menagerie of networked products: televisions, teddy bears, thermostats, baby monitors, picture frames, refrigerators, etc. In allowing these devices to communicate with cloud servers over TLS-encrypted connections, device owners must trust that their devices act honestly and respect their privacy. This is because, unlike prior Internet endpoints such as Web browsers and smartphones, Internet-of-Things devices rarely allow owners to modify the set of TLS certificates that the device trusts. Permitting such modification could allow owners to falsify billing data, attack the cloud service, or expose their device to compromise.

We introduce a family of protocols, called TLS Rotate and Release (TLS-RaR), that allow trusted devices, called “auditors,” to decrypt but not modify TLS traffic. Unlike prior work, TLS-RaR requires no changes to TLS's wire format, is compatible with the TLS 1.3 draft, and already works with some TLS servers in the wild today. TLS-RaR will allow owners, consumer watchdogs, and independent researchers to audit what data their devices send without compromising the devices' integrity.


Bio:
Judson Wilson received his B.S. in Mechanical Engineering from U.C. Berkeley in 2007. Afterwards, he spent 5 years designing embedded electric power quality monitors at Power Standards Lab in Alameda, CA. He then began studies at Stanford University in 2012, earning an M.S. in Electrical Engineering and spending summers at Apple, NVIDIA, and Bosch Research. He is currently researching systems software and networking in pursuit of a Ph.D. under the guidance of his advisor, Philip Levis.