Heider, T. (2017):
Minimal G-IKEv2 implementation for RIOT OS
The Internet of Things (IoT) is one of today's fastest growing trends in technology and lead to a growing number of constrained devices connected to the internet and an increasing importance of group communication. The device's constraints present a challenge for security standards, as they cannot simply be reused for these novel systems. In order to enable secure group communication in the IoT, a group key management solution must be found that complies with the limitations arising from the use of low powered embedded systems. The G-IKEv2 protocol is found to provide a secure key exchange, even though it is not optimized for the use in IoT networks. A solution is offered by the design of a ``minimal G-IKEv2 client'' which reduces the proposed G-IKEv2 standard to a minimal subset of messages and payloads necessary to achieve a secure key exchange.
This work implements the ``minimal G-IKEv2 client'' on the IoT operating system RIOT OS. The evaluation tests the implementation in regard to memory requirements as well as CPU performance - measured by the time needed to handle the exchange - and proves the feasibility of secure group key distribution on IoT systems.