Many IoT use cases demand both secure storage and secure communication. Resource-constrained devices cannot afford to run one set of cryptographic protocols for storage and another for communication. Lightweight application-layer security standards are being developed for IoT communication; extending these protocols to cover secure storage can significantly reduce communication latency and local processing. We present BLEND, which combines secure storage and secure communication by storing IoT data as pre-computed encrypted network packets. Unlike local methods, BLEND not only eliminates the need for separate cryptography for secure storage, but also eliminates the need for real-time cryptographic operations, significantly reducing communication latency. Our evaluation shows that, compared with a local solution, BLEND reduces send latency from 630 microseconds to 110 microseconds per packet. BLEND enables PKI-based key management while remaining sufficiently lightweight for IoT. BLEND requires no modifications to the communication standards it extends for secure storage, and can therefore preserve the underlying protocols' security guarantees.
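The following is an added illustration of the design idea in the abstract, not BLEND's own code and not the paper's packet format. It models the two designs side by side: a "local" store that keeps records under a storage key and must decrypt and re-encrypt every record at send time, and a BLEND-style store in which the stored record already is the protected packet, so the send path does no cryptography at all. HMAC-SHA256 in counter mode plus an encrypt-then-MAC tag stands in for the AEAD cipher a real application-layer protocol would use; the keys, the 4-byte sequence-number header and the sample sensor readings are constructed for this example.

```python
"""Store-as-packet model: write-time crypto, zero crypto on the send path.

Added example, not BLEND's code. HMAC-SHA256 keystream + HMAC tag is a
stand-in for a real AEAD; keys and packet layout are constructed here.
"""
import hashlib
import hmac
import struct

# Constructed demo keys (enc, mac). A deployment would derive these from its
# PKI-based key management; they are hard-coded only so the example runs offline.
COMM_KEYS = (bytes(range(32)), bytes(range(32, 64)))          # shared with the peer
STORAGE_KEYS = (bytes(range(64, 96)), bytes(range(96, 128)))  # local-only, "local solution"
TAG_LEN = 16
CRYPTO_OPS = {"count": 0}  # counts seal/open calls so the two designs can be compared


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: HMAC(key, nonce || counter), one block at a time."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal_packet(keys, seq: int, payload: bytes) -> bytes:
    """header(seq) || ciphertext || tag. The sequence number doubles as the nonce."""
    CRYPTO_OPS["count"] += 1
    enc_key, mac_key = keys
    header = struct.pack(">I", seq)
    ct = bytes(p ^ k for p, k in zip(payload, _keystream(enc_key, header, len(payload))))
    tag = hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:TAG_LEN]
    return header + ct + tag


def open_packet(keys, packet: bytes):
    """Verify the tag before decrypting; returns (seq, plaintext) or raises ValueError."""
    CRYPTO_OPS["count"] += 1
    enc_key, mac_key = keys
    if len(packet) < 4 + TAG_LEN:
        raise ValueError("truncated packet")
    header, ct, tag = packet[:4], packet[4:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad tag")
    seq = struct.unpack(">I", header)[0]
    plaintext = bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, header, len(ct))))
    return seq, plaintext


class LocalStore:
    """Conventional design: data rests under a storage key; send = decrypt + re-encrypt."""
    def __init__(self):
        self.records = {}

    def write(self, seq: int, payload: bytes):
        self.records[seq] = seal_packet(STORAGE_KEYS, seq, payload)

    def send(self, seq: int) -> bytes:
        _, plain = open_packet(STORAGE_KEYS, self.records[seq])  # crypto op 1
        return seal_packet(COMM_KEYS, seq, plain)                # crypto op 2


class BlendStore:
    """BLEND-style design: the stored record already is the packet; send is a plain read."""
    def __init__(self):
        self.records = {}

    def write(self, seq: int, payload: bytes):
        self.records[seq] = seal_packet(COMM_KEYS, seq, payload)  # crypto happens once, here

    def send(self, seq: int) -> bytes:
        return self.records[seq]  # no cryptographic work on the send path


class Receiver:
    """Peer side: verify and decrypt, and reject any sequence number already seen.
    Because seq is the nonce, this check also catches accidental nonce reuse."""
    def __init__(self):
        self.highest = -1

    def receive(self, packet: bytes) -> bytes:
        seq, plain = open_packet(COMM_KEYS, packet)
        if seq <= self.highest:
            raise ValueError("replayed or reused sequence number")
        self.highest = seq
        return plain


def sender_crypto_ops(store_cls, n: int = 3):
    """Write n constructed readings, then count crypto calls made while sending them."""
    store = store_cls()
    for seq in range(n):
        store.write(seq, b"sensor reading %d" % seq)
    CRYPTO_OPS["count"] = 0
    packets = [store.send(seq) for seq in range(n)]
    ops = CRYPTO_OPS["count"]
    rx = Receiver()
    return ops, [rx.receive(p) for p in packets]


if __name__ == "__main__":
    print("local send-path crypto ops:", sender_crypto_ops(LocalStore)[0])
    print("blend send-path crypto ops:", sender_crypto_ops(BlendStore)[0])
```

The point the counter makes is the abstract's latency argument in miniature: the local design spends two cryptographic operations per packet on the send path, the store-as-packet design spends none. The price is that each stored record consumes one sequence number at write time, so the sender must never assign a sequence number twice and the receiver must keep its monotonic check; a stored packet that is sent twice is indistinguishable from a replay.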