MSc.Thesis Defense: Alperen Doğan

CRYPTOGRAPHIC SECURITY AND KEY MANAGEMENT IN MULTI-PLATFORM IOT SYSTEMS: IMPLEMENTATION AND PERFORMANCE ASPECTS

Alperen Doğan
Computer Science and Engineering, MSc. Thesis, 2025

Thesis Jury

Prof. Dr. Albert Levi (Thesis Advisor)

Asst. Prof. Orçun Çetin

Prof. Dr. Vedat Coşkun

Date & Time: July 23rd, 2025 – 10:00 AM

Place: FENS L065

Keywords: key management, elliptic curve cryptography, internet of things, trusted platform module, performance measurement

Abstract

Smart-city services rely on many small sensors that send data about traffic, energy, and air quality. Each message must stay private and unaltered, yet the devices that send them have little memory, slow CPUs, and limited power. This thesis builds and tests a light but strong key-management system that fits these limits. The protocol uses  elliptic curve certificates and elliptic curve Diffie–Hellman key exchange to set up a shared secret. Then, for every message between client and server, a symmetric key is derived from the shared secret. The shared secret, and elliptic curve keys on the server are renewed periodically to decrease the damage in case of compromise. Long-term keys on the server sit inside a TPM 2.0 chip, which adds an extra layer of security for storage of the keys. The protocol is deployed in a web-API, and performance tests on the protocol and individual cryptographic operations used by the protocol are carried out on a set of single-board computers representing generic IoT devices. The results show that by the proposed protocol, the key exchange operations complete in reasonable amounts of time where majority of the time is spent by the TPM.