Graduate Johann Zürner and Prof Hannes Tschofenig speak at the RIOT Summit 2025 in Dresden

The annual meeting of the RIOT community took place from 3 to 5 September with the aim of exchanging developments, experiences, design ideas and new technologies. H-BRS was represented by Hannes Tschofenig, Professor of Computer Science, in particular Network Security, and Johannes Zürner, who recently completed his bachelor’s thesis on secure and efficient communication in low-resource mobile IoT networks.

Johann Zürner’s presentation Performance of DTLS with Connection ID in Narrowband IoT Networks focussed on an extension of the security protocol DTLS (Datagram Transport Layer Security), the Connection ID. This function ensures that a secure connection is maintained even if the IP address or port of a device changes – a common problem in low-energy IoT networks such as Narrowband IoT (NB-IoT). Without this extension, a new, complex security connection would have to be established every time the address changes. The presentation presented measurements of the performance of this function, including the time it takes to establish a connection and the power consumption on embedded hardware such as the Nordic nRF9160 Development Kit. In addition, a live demonstration showed how IP address changes affect connection stability and power consumption.

 

The presentation Thoughts about PQC on Microcontrollers by Hannes Tschofenig shed light on how post-quantum cryptography (PQC) can be implemented in highly resource-constrained devices such as microcontrollers. As PQC algorithms require significantly more memory and computing power than conventional methods, their integration into IoT hardware poses a major challenge. Tschofenig explained that it is important to start working on these technologies now because attackers can collect encrypted data today and decrypt it later using quantum computers (“harvest now, decrypt later”). He therefore recommended hybrid approaches that combine classic and quantum-safe methods, as well as modular systems that enable future algorithm updates. He also emphasised the importance of current standardisation initiatives and regulatory requirements such as the Cyber Resilience Act in order to make IoT devices secure in the long term.

 

RIOT (Operating System) is a free open source operating system, specially developed for embedded systems with severely limited resources (small memory, low energy consumption).

It aims to network Internet of Things (IoT) devices by providing many standard functions such as network protocols, multithreading, real-time functions and cryptography in a modular fashion. RIOT supports many microcontroller architectures (8-, 16- and 32-bit) and allows programming in C, C++ (and experimentally also Rust) with a standardised API.

It is maintained by an international community of science, industry and hobby developers.