Secure bootstrapping is the process by which an IoT device gets the necessary configuration information and security credentials to become operational. Since bootstrapping is the first phase in the lifecycle of any IoT device, a security breach during bootstrapping would make the device vulnerable for the rest of its lifetime. In this talk, we will look at the bootstrapping problem in detail and look at two protocols for bootstrapping IoT devices. First, we discuss EAP-NOOB, a protocol for bootstrapping all kinds of IoT appliances that have minimal user interface and no pre-configured authentication credentials. Second, we will look at the Device Provisioning Protocol (DPP) aka Wi-Fi Easy Connect, a protocol for configuring Wi-Fi network information on IoT devices.
Mohit Sethi is a Senior Researcher at Ericsson and a post-doctoral researcher at Aalto University. He has received a Doctor of Science (Tech) degree in Computer Science from Aalto University. He has previously completed his dual MSc. degree in security and mobile computing from Royal Institute of Technology (KTH), Sweden and Aalto University, Finland with full EU scholarship. Mohit actively contributes to IoT standardization at the IETF and is currently co-chairing the Light-Weight Implementation Guidance (LWIG) as well as the EAP Method Update (EMU) working groups of the IETF. He has received best paper awards at the ACM Ubicomp and IEEE IoT conferences and has more than 20 international patent applications.