Abstract
With the proliferation of Internet of Things (IoT) devices, there is an increasing need to prioritize their security, especially in the context of identity and authentication mechanisms. However, IoT devices have unique limitations in terms of computational capabilities and susceptibility to hardware attacks, which pose significant challenges to establishing strong identity and authentication systems. Paradoxically, the very hardware constraints responsible for these challenges can also offer potential solutions. By incorporating hardware-based identity implementations, it is possible to overcome computational and energy limitations, while bolstering resistance against both hardware and software attacks. This research addresses these challenges by investigating the vulnerabilities and obstacles faced by identity and authentication systems in the IoT context, while also exploring potential technologies to address these issues. Each identified technology underwent meticulous investigation, considering known security attacks, implemented countermeasures, and an assessment of their pros and cons. Furthermore, an extensive literature survey was conducted to identify instances where these technologies have effectively supported device identity. The research also includes a demonstration that evaluates the effectiveness of hardware trust anchors in mitigating various attacks on IoT identity. This empirical evaluation provides valuable insights into the challenges developers encounter when implementing hardware-based identity solutions. Moreover, it underscores the substantial value of these solutions in terms of mitigating attacks and developing robust identity frameworks. By thoroughly examining vulnerabilities, exploring technologies, and conducting empirical evaluations, this research contributes to understanding and promoting the adoption of hardware-based identity and authentication systems in secure IoT environments. The findings emphasize the challenges faced by developers and highlight the significance of hardware trust anchors in enhancing security and facilitating effective identity solutions.

Abstract
Anonymity networks like Tor significantly enhance online privacy but are vulnerable to correlation attacks by state-level adversaries. While covert channels encapsulated in media protocols, particularly WebRTC-based encapsulation, have demonstrated effectiveness against passive traffic correlation attacks, their resilience against active correlation attacks remains unexplored, and their compatibility with Tor has been limited. This paper introduces TorKameleon, a censorship evasion solution designed to protect Tor users from both passive and active correlation attacks. TorKameleon employs K-anonymization techniques to fragment and reroute traffic through multiple TorKameleon proxies, while also utilizing covert WebRTC-based channels or TLS tunnels to encapsulate user traffic.