Chris Conlon

Securing Data in Transit: Using TLS in Constrained Devices

Bio:
Developer at wolfSSL. Tech and outdoor enthusiast. Enjoying innovation, exploration, and adventure – in technology and the outdoors.

Abstract:
As designers and developers race to pack cool and eye catching features into “Internet of Things” and connected devices, the security of those devices oftentimes takes a back seat. After all, how many times does a manufacturer hear end customers ask: “Is that refrigerator secured with TLS 1.2 or SSL 3.0?”. Security analysts and hackers aside, the answer is, hardly ever.

One of the most prominent ways of securing connected devices today is with TLS, or “Transport Layer Security”. This session will start with a basic introduction of TLS, working its way up to a demonstration of how easy it can be to integrate TLS into an existing Internet-connected device. Also included will be considerations on what ciphers, algorithms, and key sizes are preferential for various types of projects, touching on both the enterprise server side as well as the resource constrained device side. The open source wolfSSL SSL/TLS library will be used for demonstration purposes.

Key takeaways from this session will include an overview of the TLS protocol, considerations when choosing what algorithms, ciphers and key sizes to use, and an understanding of how to add TLS to a new or existing application or device.