In the Internet of Things (IoT) ecosystem, people will be surrounded by a growing number of smart devices with sensors and actuators, which capture information about our environments and act upon them autonomously (our cities, homes, cars or bycicles and even our body). As a matter of fact, people already interact more with or through these devices instead of interacting directly. The IoT infraestructure is aimed at improving our quality of life, but if it is not trust, secure and does not guarantee our privacy, the consequences can be catastrophic.
A first challenging aspect is to ensure that individuals and devices are trusted and authentic and, hence, that their identities are resistant to impersonation and counterfeiting. Since the physical nature of an IoT device lies in the hardware it is made of, HW-IDENTIoTY project will design hardware solutions based on physical unclonable functions (PUFs) to generate inherent identities of devices. Since the unique features of a person can be captured by a biometric recognition system, HW-IDENTIoTY project will design hardware solutions to implement lightweight biometric recognition techniques that could be implemented in a wearable, so that the digital identity of the person is generated locally by a trusted device under the supervision of the identity owner.
A second critical issue is to guarantee privacy. For this purpose, the digital identities will be transformed in such a way that the resulting data cannot be attributed to a specific individual or device without the use of additional information. HW-IDENTIoTY project will design hardware solutions to implement Helper Data algorithms in the case of devices and template protection techniques in the case of individuals.
The third aspect addressed will be the design of hardware solutions robust against attacks to implement cryptographic primitives paradigm. They will be related to symmetric and lightweight cryptography in the case of wearables (with constrained resources and low-power consumption requirements) and to elliptic curve cryptography in the case of embedded systems. The availability of counterfeit-resistant identities will be exploited to address problems associated with digital chains of custody and traceability in IoT.