The internet of things (IoT) which includes machine-to-machine communications is a rapidly growing market. The IoT is expect to provide many benefits in a wide range of systems and applications such as automobiles, vending machines, alarm systems, remote sensors, tracking devices for shipping containers, remote monitoring in health applications, and monitoring of industrial equipment. Such systems are highly complex. For example, a modern vehicle may contain over one hundred electronic control units (ECUs) supporting comfort, convenience, and mission critical functions. Connected vehicles additionally contain one or more external communication systems (e.g., wireless gateways).
Communications between devices should be secure to prevent interception of data or insertion of data from an unauthorized entity. Security failures have already occurred an are likely to increase if previous systems are not improved. Secure communications are resistant to interception of the communications by unauthorized entities and resistant to injection of communications from unauthorized entities.
Prior IoT systems have used, for example, certificate-based communication security, such as public key infrastructure (PKI). PKI is a poor choice for IoT. Characteristics of PKI include certificate management, asymmetrical key exchange and processing, common certificates, third party dependencies, and static seeds. These characteristics lead to high deployment cost & complexity, long link establishment/latency, increased processing power & power consumption, and decreased security for multi-node networks.
Accordingly, a better way to secure IoT and other communications is needed.