Secure and Effective Implementation of an IOTA Light Node using STM32

A major challenge in networked sensor systems and other IoT environments is addressing security. Vulnerabilities in those systems arise from poor physical security, unauthenticated devices, insecure firmware updates, insecure communication, and data corruption. In recent times Distributed Ledger Technologies (DLTs), of which Blockchain is an instance, have been identified as a possible solution to some of these issues. The blokchain model genetically ensures decentralized security and privacy, and therefore could provide IoT systems with a trusted infrastructure for securely logging data or exchanging tokens without the necessity, and costs, of central servers. Blockchain is no panacea, either. IoT devices that get connected to a blockchain network must still be secured, in particular they must protect the confidentiality of the keys. This requires the embedded microcontroller to execute only authenticated firmware, with protections against software attacks, such as buffer overflows, and resistance against side-channel attacks. In addition, as confirmed from the scarcity of implementations reported in the literature, it is still not clear whether blockchain protocols can be implemented efficiently on resource-constrained IoT devices. In this work, also supported by a Demo, we show an example of secure IoT device that enables the functionalities of IOTA, a DLT specifically designed for the use in the IoT. In particular, we present a Light Node based on STM32 that implements all the cryptographic functions, IOTA specific operations and communication functions required to successfully publish transactions in the IOTA distributed ledger. Our implementations on microcontrollers (ARM Cortex-M) performs up to 22 times faster in terms of cycles and up to 4 times faster in absolute time with respect to the state-of-the-art implementation on a Raspberry PI 3B. Our Light Node also ensures protection of the stored private data and guarantees secure firmware update thanks to a suitable configuration of some security features provided by STM32 microcontrollers.