A New IoT Trust Model Based on TLS-SE and TLS-IM Secure Elements: A Blockchain Use Case

This demonstration presents a new trust model for Internet of Things, based on TLS1.3 sessions authenticated by pre-shared key (PSK). According to TLS1.3, security relies on Diffie-Hellman exchanges, optionally authenticated by symmetric secret (PSK) shared by client and server. A major security issue is PSK protection against eavesdropping, in order to avoid device cloning or illegitimate use. We present two secure elements TLS-IM used on client side, and TLS-SE used on server side, which enforce PSK security. TLS-IM is a smartcard associated with TLS1.3 client running in laptop. TLS-SE is a standalone TLS1.3 server running in a secure element, which embeds an application computing signature for blockchain transaction. TLS-SE has a SIM form factor, and is plugged in a hardware module working with a Wi-Fi SoC, providing TCP/IP connectivity.