Apparatus and method for establishing secure communication channels in an Internet of Things (IoT) system

US2017006643A1 · US · A1

Patent metadata

Publication number: US-2017006643-A1
Application number: US-201514791373-A
Country: US
Kind code: A1
Filing date: Jul 3, 2015
Priority date: Jul 3, 2015
Publication date: Jan 5, 2017
Grant date:

Abstract

Official abstract text for this publication.

An apparatus and method are described for secure wireless communication. For example, one embodiment of an apparatus comprises: a first local wireless communication module to establish local wireless communication channels with a second local wireless communication module; a data structure managed by the first local wireless communication module, the data structure comprising a set of characteristics, each characteristic identified with an characteristic ID and having a value buffer associated therewith containing data associated with the characteristic; the first wireless communication module to form a first network socket using the data structure by defining a first characteristic for receiving data packets transmitted by the second local wireless communication module and a second characteristic for transmitting outgoing data packets to the second local wireless communication modules; wherein the incoming data packets are to be temporarily buffered in a first value buffer associated with the first characteristic and wherein the outgoing packets are to be temporarily buffered in a second value buffer associated with the second characteristic.

First claim

Opening claim text (preview).

What is claimed is:

1. An apparatus comprising: a first local wireless communication module to establish local wireless communication channels with a second local wireless communication module; a data structure managed by the first local wireless communication module, the data structure comprising a set of characteristics, each characteristic identified with an characteristic ID and having a value buffer associated therewith containing data associated with the characteristic; the first wireless communication module to form a first network socket using the data structure by defining a first characteristic for receiving data packets transmitted by the second local wireless communication module and a second characteristic for transmitting outgoing data packets to the second local wireless communication modules; wherein the incoming data packets are to be temporarily buffered in a first value buffer associated with the first characteristic and wherein the outgoing packets are to be temporarily buffered in a second value buffer associated with the second characteristic.

2. The apparatus as in claim 1 wherein the data structure comprises a table indexed by a characteristic ID and comprising a value field to identify each value buffer including the first value buffer associated with the first characteristic and the second value buffer associated with the second characteristic.

3. The apparatus as in claim 1 wherein the first and second value buffers each have a size of N bits.

4. The apparatus as in claim 3 wherein N=20.

5. The apparatus as in claim 1 wherein the wireless communication module comprises a Bluetooth Low Energy (BTLE) communication module and wherein the data structure comprises a Generic Attribute Profile (GATT) data structure.

6. The apparatus as in claim 3 further comprising application logic to transmit a first data packet to the second wireless communication module by writing the first data packet, N bits at a time, to the second value buffer associated with the second characteristic.

7. The apparatus as in claim 6 wherein the second wireless communication module is to read the first data packet, N bits at a time, from the second value buffer associated with the second characteristic.

8. The apparatus as in claim 7 wherein to read the first data packet, the second wireless communication module is to transmit a first command to the first wireless communication module including the characteristic ID of the second characteristic.

9. The apparatus as in claim 6 wherein the application logic is to receive a second data packet from the second wireless communication module by reading the second data packet, N bits at a time, from the first value buffer.

10. The apparatus as in claim 9 wherein to write the second data packet to the first value buffer, the second wireless communication module is to transmit a first command to the first wireless communication module including the characteristic ID of the first characteristic.

11. The apparatus as in claim 10 wherein to establish a secure communication channel over the first network socket, the first and second local wireless communication modules are to initially open a second network socket comprising a third value buffer identified by a third characteristic ID within the data structure for messages transmitted from the first wireless communication module to the second wireless communication module and a fourth value buffer identified by a fourth characteristic ID within the data structure for messages transmitted from the second wireless communication module to the first wireless communication module.

12. The apparatus as in claim 11 wherein using the first wireless communication module is to receive a public key of the second wireless communication module through the fourth value buffer and to transmit its own public key to the second wireless communication module through the third value buffer.

13. The apparatus as in claim 12 wherein the first wireless communication module is to generate a secret using the public key of the second wireless communication module and the private key of the first wireless communication module.

14. The apparatus as in claim 13 further comprising: a counter to increment upon the transmission of each data packet to the second wireless communication module.

15. The apparatus as in claim 14 wherein the first communication module comprises key stream generation logic to generate a first key stream using a current counter value and the secret, the first communication module further comprising encryption logic to encrypt each data packet using the first key stream.

16. The apparatus as in claim 15 wherein the first wireless communication module is to receive an encrypted data packet from the second wireless communication module and to generate a second key stream to decrypt the encrypted data packet using a counter value received from the second wireless communication module and the secret.

17. The apparatus as in claim 6 wherein the first local wireless communication module is integrated within an Internet of Things (IoT) device and wherein the second local wireless communication module is integrated within an IoT hub or a mobile user device.

18. The apparatus as in claim 17 wherein the IoT device comprises at least one sensor for taking a measurement and providing the measurement to the application logic, the application logic to encapsulate the measurement in the first data packet transmitted to the second wireless communication module.

19. The apparatus as in claim 9 wherein the wherein the first local wireless communication module is integrated within an Internet of Things (IoT) device and wherein the second local wireless communication module is integrated within an IoT hub or a mobile user device, wherein the second data packet comprises a command to be processed by the application logic on the IoT device.

20. The apparatus as in claim 19 wherein the command comprises an operation to power on or power off the IoT device.
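
The characteristic-based socket of claims 1 to 10 and the counter-driven key stream of claims 14 to 16, simulated in Python as an added example that is not code from the patent or its assignee. Assumptions: the characteristic IDs are hypothetical, N is taken as 20 bytes, the shared secret stands in for the result of the key exchange in claims 12 and 13, the key stream is built with HMAC-SHA256, and the receiver's rejection of repeated counters is an added check.

```python
import hashlib
import hmac

N = 20                          # value-buffer size; bytes assumed (claims 3-4 state N in bits)
RX_ID, TX_ID = 0x0001, 0x0002   # hypothetical characteristic IDs for the socket pair

class CharacteristicTable:
    """Table indexed by characteristic ID, one value buffer per entry (claims 1-2)."""
    def __init__(self, ids):
        self.values = {cid: b"" for cid in ids}

    def write(self, cid, chunk):
        if cid not in self.values:
            raise KeyError(cid)
        if len(chunk) > N:
            raise ValueError("chunk larger than value buffer")
        self.values[cid] = bytes(chunk)

    def read(self, cid):
        return self.values[cid]

def transfer(table, cid, packet):
    """Sender writes N bytes at a time; the peer reads the buffer after each write."""
    received = bytearray()
    for off in range(0, len(packet), N):
        table.write(cid, packet[off:off + N])
        received += table.read(cid)
    return bytes(received)

def keystream(secret, counter, length):
    """Assumed construction: HMAC-SHA256(secret, counter || block index), concatenated."""
    out = b""
    for block in range((length + 31) // 32):
        msg = counter.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(secret, msg, hashlib.sha256).digest()
    return out[:length]

def seal(secret, counter, plaintext):
    """Prefix the counter (claim 16: the peer receives it) and XOR with the key stream."""
    ks = keystream(secret, counter, len(plaintext))
    return counter.to_bytes(8, "big") + bytes(p ^ k for p, k in zip(plaintext, ks))

class Receiver:
    def __init__(self, secret):
        self.secret, self.last_counter = secret, -1

    def open(self, packet):
        counter = int.from_bytes(packet[:8], "big")
        if counter <= self.last_counter:   # added check: a repeated counter repeats the key stream
            raise ValueError("stale or repeated counter")
        self.last_counter = counter
        ks = keystream(self.secret, counter, len(packet) - 8)
        return bytes(c ^ k for c, k in zip(packet[8:], ks))
```

The claims recite encryption only; an XOR key stream is malleable, so an implementation that needs tamper detection would add an integrity check on each packet.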

Assignees

Inventors

Classifications

  • WLAN [Wireless Local Area Networks] · CPC title

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

  • Electricity · mapped topic

  • H04W76/02 · Primary

    Electricity · mapped topic

  • Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Afero Inc
What technology area does this patent fall under?
Primary CPC classification H04W76/02. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 5, 2017 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).