Onboarding and Software Update Architecture for IoT Devices

It appears your Web browser is not configured to display PDF files. Download adobe Acrobat or click here to download the PDF file.

Click here to download the PDF file.


Gupta, Hemant




There has been a continuous growth in the usage of number of IoT devices. These devices are subject to an increasing number of attacks which exploit their software vulnerabilities. We need a secure architectural design for cryptographic keys involved in both initial configuration (onboarding) and secure automatic updates of IoT devices. Low-level IoT devices have low computational capabilities and small memory size and are challenged to carry out desktop- and server-type public-key cryptographic operations, as needed for key establishment and authentication of software updates. We have designed and implemented a prototype to provide secure onboarding and update architecture and associated protocols for low-level IoT devices (8-bit). It uses elliptic curve cryptography (Curve25519), authenticated key establishment, and a known continuity-based key-locking mechanism that uses a public key embedded in current software image to verify the signature on software update. The design also addresses the scenario of transfer of update authority change.


Computer Science




Carleton University

Thesis Degree Name: 

Master of Computer Science: 

Thesis Degree Level: 


Thesis Degree Discipline: 

Computer Science

Parent Collection: 

Theses and Dissertations

Items in CURVE are protected by copyright, with all rights reserved, unless otherwise indicated. They are made available with permission from the author(s).