The road to privacy in IoT: beyond encryption and signatures, towards unobservable communication

Privacy requires more than just encryption of data before and during transmission. Privacy would actually demand hiding the sheer fact that communication takes place. This requires to protect meta-data from observation. We think that this feature is in particular useful and interesting for the Internet-of-Things. However, it requires strong cryptographic security mechanisms, like encryption of communication, to be in place. We motivate the need for strong privacy protection by highlighting privacy issues in a smart home use-case. We advance beyond encryption and discuss which existing techniques can be used to achieve unobservable communication. Then we describe the architecture needed to provide strong protection in this particular use-case. Lastly, we present the building blocks of the architecture we implemented so far on the Re-Mote sensor nodes running Contiki OS and sketch the computational and network overheads imposed by these techniques.