Decentralized Zone-Based PKI: A Lightweight Security Framework for IoT Ecosystems
Abstract
:1. Introduction
- Symmetric-key cryptography: utilizes a single secret key for both encrypting and decrypting data. When the secret key is sufficiently robust, it becomes extremely difficult for an adversary, armed only with ciphertext, to uncover or alter the original plaintext. The Advanced Encryption Standard (AES) block cipher stands as a prominent illustration of symmetric-key encryption.
- Public-key cryptography: operates using pairs of interconnected keys, consisting of a public key and its corresponding private key for each pair. Securing public key cryptography necessitates keeping the private key confidential. With a public key, accessible to anyone, individuals can encrypt messages, generating ciphertext. However, solely those possessing the correlated private key can decrypt the ciphertext, unveiling the original message.
- Public Key Infrastructure (PKI): refers to a collection of software and hardware solutions designed to facilitate the management of public key encryption within computer systems. PKI aims to streamline the secure transfer of information over the Internet, particularly in scenarios where robust authentication is required, surpassing traditional methods like passwords. Its primary objectives include verifying the identities of parties involved in data transmission and ensuring the integrity of transferred data. PKI relies on digital certificates, which it can generate, distribute, modify, and invalidate. These certificates bind public keys to the identities, often referred to as “subjects”, of various entities such as domain names. Certificate Authorities (CAs) play a crucial role in PKI by issuing and registering certificates as part of a comprehensive process that establishes these connections.
- Step 1:
- A server initiates the process by requesting a certificate from a Certificate Authority (CA). The server sends its Public Key (PK) and identity to the CA.
- Step 2:
- Upon successful verification of the server’s identity, the CA responds by issuing a certificate for the server’s identity and PK. This certificate is signed with the CA’s private key.
- Step 3:
- A user wishes to establish a secure connection with the server. To achieve this, the user verifies the server’s PK by requesting the server’s certificate.
- Step 4:
- In response to the user’s request, the server provides the certificate.
- Step 5:
- The user verifies that the certificate’s signature indeed originates from the CA and confirms that the certificate contains the server’s PK and identity. If these conditions are satisfied, the user trusts the server and proceeds to initiate a secure connection using the server’s public key.
- Traditional PKI architectures rely on Certificate Authorities (CAs), introducing a single point of failure. If attackers manage to compromise the CA, they can issue certificates for any entity, posing a significant threat in IoT environments. With the vast number of IoT devices, this creates a substantial attack surface [15].
- IoT devices typically have limited resources, which affects the performance of traditional cryptographic techniques. Research conducted by Blanc et al. [18] demonstrates significant performance discrepancies when executing identical encryption algorithms on various IoT hardware platforms compared to traditional PCs.
- RQ1: How do we implement a lightweight PKI solution for the IoT?
- RQ2: How will this new lightweight PKI solution perform compared with traditional and literature PKI solutions?
2. Related Work
3. Proposed Solution
- In order to address the single point of failure present in traditional PKI architectures, we propose a decentralized PKI system. Previous literature has shown that this is feasible to achieve [4,23,24,25,26,27,28,29]. We propose to introduce an architecture that employs “zones”, where each zone has a master (See Figure 2). This master issues, updates, revokes, and looks up certificates for all other IoT nodes in its zone. A node can become part of a zone by sending an enrollment request to a zone master, to which the master responds with a signed certificate (Figure 3). Thus, to a certain extent it acts as a CA when compared with the traditional PKI architecture. Furthermore, it is optimal for the master node to have significant computational power. The general idea is that zone masters keep track of the certificates of all nodes in its zone. If a zone gets too many nodes to handle, it will convert a node in the zone to a new master node, thereby creating a new zone, which is connected to the old zone. This creates a parent-child like architecture, where each zone (apart from the root zone) has a link to its parent and child zone. This zone system allows for high scalability, where each zone can represent a single entity. For example, one zone can contain all IoT nodes in a certain smart city, while another zone contains all nodes in a certain smart building.
- The second contribution addresses the need for a lightweight architecture, which is achieved in two following ways:
- (a)
- The use of lightweight cryptography: Elliptic Curve Cryptography (ECC) is public key cryptography based on the algebraic structure of elliptic curves over finite fields. Because it offers the same level of security with smaller key sizes, it has an advantage over conventional cryptographic methods like RSA [30]. ECC starts with an elliptic curve that is described mathematically by the equation:The security of elliptic curve cryptography relies on the difficulty of solving the Elliptic-Curve Discrete Logarithm Problem (ECDLP). That is, given a curve, a base point P, and a resulting point Q, it is computationally hard to determine the integer n such that [31].
- (b)
- The use of lightweight certificates: the proposed architecture will dramatically reduce the number and size of fields present in the conventional X.509 certificates in order to speed up certificate creation and verification. To further reduce communication overhead, we will use Concise Binary Object Representation (CBOR) to encode the certificates. CBOR is a binary data serialization format that resembles JSON in some ways. It enables the faster transport of data objects with name-value pairs than JSON. This sacrifices human comprehension in favor of more rapid processing and transfer rates.
3.1. Zone Setup
3.2. Node Enrollment
3.3. Subsequent Communication
3.4. Zone Extension
3.5. Certificate Updating
3.6. Certificate Revocation
3.7. Certificate Lookup
- If U is located in the master’s zone, it can simply fetch the certificate from its internal table and send it back to the node.
- If U is not located in the master’s zone, the procedure is as follows, accompanied by Figure 8: In this example, zone master 4 has the certificate for node 6. Node 5 asks its master (3) for the certificate of node 6. Because node 6 is not located in the zone of master 3, it will send a recursive query to its child and parent zone masters to ask if they have the certificate of 6. Zone master 4 responds with the certificate of node 6, and master 3 sends the certificate back to node 5.
3.8. Certificate Verification
3.9. Zone Master Revocation
3.10. Node Unenrollment
3.11. Certificates and Keys
3.11.1. Version Number
X.509 Specification
Optimized Format
3.11.2. Serial Number
X.509 Specification
Optimized Format
3.11.3. Signature
X.509 Specification
Optimized Format
3.11.4. Issuer
X.509 Specification
Optimized Format
3.11.5. Validity
X.509 Specification
Optimized Format
- UTCTime, which is of the format YYMMDDHHMMSSZ
- GeneralizedTime, which is of the format YYYYMMDDHHMMSSZ
- “Where YY is greater than or equal to 50, the year SHALL be interpreted as 19YY; and”
- “Where YY is less than 50, the year SHALL be interpreted as 20YY.”
3.11.6. Subject
X.509 Specification
Optimized Format
3.11.7. Subject Public Key Info
X.509 Specification
Optimized Format
3.11.8. Unique Identifiers
X.509 Specification
Optimized Format
3.11.9. Extensions
X.509 Specification
- Key usage: This extension specifies the function of the key present in the certificate (such as certificate signing or encryption).
- Certificate policies: A collection of one or more policy information terms that describe the policy by which the certificate was issued and the permitted uses of the certificate.
- Subject alternative name: With this extension, identities can be linked to the certificate’s subject. These identities can be used in place of, or in addition to, the identity listed in the certificate’s subject field.
- Basic constraints: Specifies “the maximum depth of valid certification paths that include this certificate” [42], as well as whether the subject of the certificate is a CA.
- Name constraints: All subject names in the following certifications in a certification route must be contained inside the name space indicated by this extension, which can only be used in a CA certificate. The constraint for URIs only applies to the host portion of the name. The constraint may specify a host or domain but must be supplied as a fully qualified domain name. host.example.com and .example.com are two examples.
- Policy constraints: Certificates deployed to CAs may use the policy constraints extension, which restricts path validation.
- Extended key usage: This extension lists one or more additional uses for the certified public key that can be substituted for or added to those mentioned in the key usage extension. This extension will often only be shown in certificates for end entities.
- Inhibit anyPolicy: Certificates issued to CAs may utilize the inhibit anyPolicy extension. The inhibit anyPolicy extension states that, unless it occurs in an intermediate self-issued CA certificate, the special anyPolicy OID is not considered an explicit match for other certificate policies.
Optimized Format
3.11.10. TBS Certificate
X.509 Specification
Optimized Format
3.11.11. Signature Algorithm
X.509 Specification
Optimized Format
3.11.12. Signature Value
X.509 Specification
Optimized Format
3.11.13. Summary
3.12. Security Considerations
3.12.1. Denial-of-Service
3.12.2. Blocking of Messages
4. Performance Analysis
4.1. Experimental Setup
- In the time analysis, we will first log the current timestamp before executing the operation. After the operation has finished, we will log the timestamp again and compute the difference to obtain the runtime duration.
- In the memory analysis, we will be using filprofiler (https://pypi.org/project/filprofiler/, accessed on 10 January 2024), which is a Python tool that analyzes the memory usage of programs.
- In the energy analysis, we will be conducting a baseline voltage and ampere measurement to obtain the baseline usage. When executing the operation, the peak voltage and amperage will be observed, and the differences between the baseline will be noted. By combining the voltage and amperage with the duration of the operation, the energy (J) can be calculated:For the measurement, we have used a dedicated Raspberry Pi energy measurement hardware. The experimental setup can be seen in Figure 12.
- Certificate size
- Certificate generation
- Node enrollment (Section 3.2)
- Zone extension (Section 3.4)
- Certificate lookup (Section 3.7)
- Certificate verification (Section 3.8)
4.2. Certificate Size
4.3. Certificate Generation
4.4. Node Enrollment
4.5. Zone Extension
4.6. Certificate Lookup
4.7. Certificate Verification
4.8. Experimental Results
4.9. Certificate Size
4.10. Certificate Generation
4.11. Node Enrollment
4.12. Zone Extension
4.13. Certificate Lookup
4.14. Certificate Verification
4.15. Discussion
4.16. Certificate Size
4.17. Certificate Verification
4.18. Conclusions
- More effective number encoding is supported by CBOR, which employs a variable-length integer encoding system that consumes fewer bytes than JSON to represent small values. In contrast to JSON’s text-based representation, CBOR permits the encoding of floating-point integers using a more compact binary format [44].
- CBOR uses a length-prefix encoding strategy for Unicode strings, which enables it to represent strings using fewer bytes than JSON’s Unicode escape sequences. This enables CBOR to support more compact encoding of Unicode strings. For instance, the Unicode characters in CBOR are never escaped, in contrast to formats like JSON. Therefore, a newline character (U+000A) is never represented in a string as bytes 0x5c6e (the characters “\” and “n”) but rather as bytes 0x0a.
- Tagging is one of the characteristics of CBOR, which may enable it to represent some categories of data more effectively than JSON. For instance, CBOR comes with built-in support for expressing dates and times, which can be achieved with less data than equivalent JSON expressions.
5. Security Analysis
5.1. Adversarial Model
- The adversary will have unrestricted control over the communication channel, enabling them to observe, manipulate, or replay the messages conveyed over the channel.
- The adversary has the capability to employ the following attack model and execute it within polynomial time:
- –
- lookup(N, M) This operation allows the adversary to legitimately request the public key of node N through zone master M, as if it were a regular user.
- –
- enroll(M) This operation allows the adversary to legitimately enroll into a zone with master M, as if it were a regular user.
- –
- update(C, M) This operation allows the adversary to update its certificate to C using zone master M.
- –
- revoke(Z) This operation allows a malicious zone master to revoke its child or parent zone Z.
- –
- corruptNode() This attack model represents a scenario in which a node becomes compromised or corrupted.
- –
- corruptZoneMaster() This attack model represents a scenario in which a zone master becomes compromised or corrupted.
5.2. Assumptions
- The adversary:
- –
- Can start any number of parallel protocol sessions,
- –
- Knows the functioning of the entire protocol,
- –
- Can build and send messages,
- –
- Can read, retain, and block any sent message,
- –
- Can decrypt any message for which it has the key.
- It is computationally infeasible for the adversary to break the Elliptic-Curve Digital Signature Algorithm (ECDSA), Elliptic-Curve Diffie-Hellman (ECDH), and Elliptic-Curve Discrete Logarithm Problem (ECDLP).
5.3. Theoretical Analysis
5.3.1. Certificate Updating
5.3.2. Node Unenrollment
5.3.3. Certificate Lookup
5.4. Security Guarantees
5.4.1. Theoretical Adversary Model
- The adversary has unrestricted control over the communication channel, enabling them to intercept, manipulate, or replay messages.
- The adversary possesses the capability to execute attacks within polynomial time.
- The cryptographic algorithms used in the PKI system, such as ECDSA for digital signatures and AES for encryption, are secure and resistant to known attacks.
- The adversary cannot break the underlying cryptographic algorithms, such as ECDSA, AES, and SHA-256, within a reasonable computational time frame.
5.4.2. Security Goals/Requirements
- AuthenticationTheorem 1:
- (a)
- Statement: In the proposed lightweight PKI system, every message sender can be authenticated using digital signatures.
- (b)
- Proof: Let M be a message sender who wants to authenticate themselves. By verifying the digital signature attached to M’s message using the sender’s public key, the recipient can confirm the sender’s identity.
- Data IntegrityTheorem 2:
- (a)
- Statement: Data exchanged between entities in the lightweight PKI system remains unchanged during transmission.
- (b)
- Proof: By employing cryptographic hash functions (e.g., SHA-256), the sender can compute a hash of the message before transmission. Upon receipt, the recipient can independently compute the hash and compare it with the received hash to verify data integrity.
- ConfidentialityTheorem 3:
- (a)
- Statement: Messages exchanged between entities are encrypted and cannot be deciphered by unauthorized parties.
- (b)
- Proof: Encryption algorithms such as AES are employed to encrypt messages before transmission. Without access to the encryption key, unauthorized parties cannot decipher the encrypted messages.
5.4.3. Comparison with Traditional PKI
5.4.4. Secure against Replay Attacks
5.4.5. Mutual Authentication
5.4.6. Secure against Impersonation Attacks
5.4.7. Secure against Man-in-the-Middle Attacks
5.4.8. Secure against Brute-Force Attacks
5.4.9. Secure against Passive Attacks
5.5. Formal Analysis
- Messages over symmetric-key cryptography: in this HLPSL specification, the node enrollment procedure (Section 3.2) is modeled. That is, the node and zone master agree on a symmetric key using a Diffie–Hellman key exchange. Next, the node sends a symmetrically encrypted request to the zone master to be enrolled in the zone. Finally, the zone master responds to the enrollment request with a symmetrically encrypted message as well.
- Messages over public-key cryptography (Section 3.3): in this specification, all other operations in the design are modeled. Firstly, the requesting party generates a nonce and sends this nonce, along with the request payload in an encrypted form (with the public key of the receiving party) to the receiver. The receiving party responds with the same nonce, concatenated with its desired response payload. The entire response is encrypted with the public key of the sending party. The reason for including a nonce in the request and response is to prevent MITM attacks; more details are presented in Section 3.3.
Results
6. Conclusions
6.1. Research Objectives
- The CA introduces a single point of failure due to the design of conventional PKI infrastructures. Therefore, if an attacker manages to take over the CA, they will be able to issue certificates for whomever they choose. This problem is particularly crucial in IoT contexts because the vast array of connected devices increases the possible attack surface.
- Traditional cryptographic algorithms will have severe performance constraints when implemented on regular IoT hardware due to the resource-constrained nature of IoT devices. To illustrate, Blanc et al. [18] have ported 12 encryption algorithms to multiple IoT hardware platforms to compare their performance. Their experimental results show that the algorithms run 6–50 times slower than on traditional PCs, depending on the architecture.
6.2. Contributions
6.3. Research Questions
6.3.1. RQ1: How Do We Implement a Lightweight PKI Solution for the IoT?
- We have proposed a decentralized PKI system as a solution for the single point of failure that traditional PKI architectures have. We have suggested introducing an architecture that makes use of “zones”, each of which has a master. All other IoT nodes in its zone have a master that issues, updates, revokes, and searches for certificates for them. Consequently, compared to the conventional PKI design, it functions much like a Certificate Authority (CA). Zone masters are responsible for keeping track of all nodes’ certificates within their zone. If a zone has more nodes than it can manage, one of the nodes in the zone will be changed to a new master node, forming a new zone that is connected to the old zone. A parent–child architecture is created as a result, with links between each zone (aside from the root zone).
- The second contribution has addressed the need for a lightweight architecture, which is achieved in two following ways: (i) Elliptic Curve Cryptography (ECC), a public key cryptography based on the algebraic structure of elliptic curves over finite fields, is a technique for using lightweight encryption. In comparison to traditional cryptographic techniques like RSA, it has an advantage because it provides the same level of security with smaller key sizes [30]. (ii) The usage of lightweight certificates: in order to speed up certificate creation and verification, the suggested design will drastically reduce the amount and size of fields included in the current X.509 certificates. We have encoded the certificates using Concise Binary Object Representation (CBOR) to further reduce communication overhead.
6.3.2. RQ2: How Will This New Lightweight PKI Solution Perform Compared with Traditional and Literature PKI Solutions?
6.4. Limitations and Future Works
6.4.1. Certificate Queries
6.4.2. TOFU on Enrollment
6.4.3. Implementation Bottleneck
6.4.4. Certificate Verification
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
Appendix A. HLPSL Models
Appendix A.1. Node Enrollment (Section 3.2)
Listing A1. Node Enrollment. |
Appendix A.2. Subsequent Communication (Section 3.3)
Listing A2. Subsequent Communication. |
References
- Shafiq, M.; Gu, Z.; Cheikhrouhou, O.; Alhakami, W.; Hamam, H. The Rise of “Internet of Things”: Review and Open Research Issues Related to Detection and Prevention of IoT-Based Security Attacks. Wirel. Commun. Mob. Comput. 2022, 2022, 8669348. [Google Scholar] [CrossRef]
- Domingo, M.C. An overview of the Internet of Things for people with disabilities. J. Netw. Comput. Appl. 2012, 35, 584–596. [Google Scholar] [CrossRef]
- Hsieh, M.C.; Hung, W.S.; Lin, S.W.; Luo, C.H. Designing an assistive dialog agent for a case of spinal cord injury. In Proceedings of the 2009 Ninth International Conference on Hybrid Intelligent Systems, Shenyang, China, 12–14 August 2009; Volume 1, pp. 67–72. [Google Scholar]
- Won, J.; Singla, A.; Bertino, E.; Bollella, G. Decentralized public key infrastructure for internet-of-things. In Proceedings of the MILCOM 2018-2018 IEEE Military Communications Conference (MILCOM), Los Angeles, CA, USA, 29–31 October 2018; pp. 907–913. [Google Scholar]
- Höglund, J.; Lindemer, S.; Furuhed, M.; Raza, S. PKI4IoT: Towards public key infrastructure for the Internet of Things. Comput. Secur. 2020, 89, 101658. [Google Scholar] [CrossRef]
- Neshenko, N.; Bou-Harb, E.; Crichigno, J.; Kaddoum, G.; Ghani, N. Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations. IEEE Commun. Surv. Tutorials 2019, 21, 2702–2733. [Google Scholar] [CrossRef]
- Biryukov, A.; Dinu, D.; Corre, Y.L. Side-channel attacks meet secure network protocols. In Proceedings of the International Conference on Applied Cryptography and Network Security, Kanazawa, Japan, 10–12 July 2017; pp. 435–454. [Google Scholar]
- O’Flynn, C.; Chen, Z. Power analysis attacks against IEEE 802.15. 4 nodes. In Proceedings of the International Workshop on Constructive Side-Channel Analysis and Secure Design, Graz, Austria, 14–15 April 2016; pp. 55–70. [Google Scholar]
- Rajan, A.; Jithish, J.; Sankaran, S. Sybil attack in IOT: Modelling and defenses. In Proceedings of the 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Udupi, India, 13–16 September 2017; pp. 2323–2327. [Google Scholar]
- Basnight, Z.; Butts, J.; Lopez, J., Jr.; Dube, T. Firmware modification attacks on programmable logic controllers. Int. J. Crit. Infrastruct. Prot. 2013, 6, 76–84. [Google Scholar] [CrossRef]
- Cui, A.; Costello, M.; Stolfo, S. When firmware modifications attack: A case study of embedded exploitation. In Proceedings of the 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, CA, USA, 24–27 February 2013. [Google Scholar]
- Bencsáth, B.; Buttyán, L.; Paulik, T. XCS based hidden firmware modification on embedded devices. In Proceedings of the SoftCOM 2011, 19th International Conference on Software, Telecommunications and Computer Networks, Split, Croatia, 15–17 September 2011. [Google Scholar]
- Vasserman, E.Y.; Hopper, N. Vampire attacks: Draining life from wireless ad hoc sensor networks. IEEE Trans. Mob. Comput. 2011, 12, 318–332. [Google Scholar] [CrossRef]
- Pielli, C.; Chiariotti, F.; Laurenti, N.; Zanella, A.; Zorzi, M. A game-theoretic analysis of energy-depleting jamming attacks. In Proceedings of the 2017 International Conference on Computing, Networking and Communications (ICNC), Silicon Valley, CA, USA, 26–29 January 2017; pp. 100–104. [Google Scholar]
- Bertino, E.; Islam, N. Botnets and Internet of Things Security. Computer 2017, 50, 76–79. [Google Scholar] [CrossRef]
- Antonakakis, M.; April, T.; Bailey, M.; Bernhard, M.; Bursztein, E.; Cochran, J.; Durumeric, Z.; Halderman, J.A.; Invernizzi, L.; Kallitsis, M.; et al. Understanding the MIRAI botnet. In Proceedings of the 26th USENIX security symposium (USENIX Security 17), Vancouver, BC, Canada, 16–18 August 2017; pp. 1093–1110. [Google Scholar]
- DDoS on Dyn Impacts Twitter, Spotify, Reddit; Krebs on Security. 2016. Available online: https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/ (accessed on 27 January 2023).
- Blanc, S.; Lahmadi, A.; Gouguec, K.L.; Minier, M.; Sleem, L. Benchmarking of lightweight cryptographic algorithms for wireless IoT networks. Wirel. Netw. 2022, 28, 3453–3476. [Google Scholar] [CrossRef]
- Nordrum, A. Popular Internet of Things Forecast of 50 Billion Devices by 2020 Is Outdated. IEEE Spectrum. 2016. Available online: https://spectrum.ieee.org/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated (accessed on 27 January 2023).
- Beune, P. Lightweight Public Key Infrastructure for IoT. Master’s Thesis, University of Twente, Twente, The Netherlands, 2023. [Google Scholar]
- Marino, F.; Moiso, C.; Petracca, M. PKIoT: A public key infrastructure for the Internet of Things. Trans. Emerg. Telecommun. Technol. 2019, 30, e3681. [Google Scholar] [CrossRef]
- Toorani, M.; Beheshti, A. LPKI-a lightweight public key infrastructure for the mobile environments. In Proceedings of the 2008 11th IEEE Singapore International Conference on Communication Systems, Guangzhou, China, 19–21 November 2008; pp. 162–166. [Google Scholar]
- Hoogland, M. A Distributed Public Key Infrastructure for the IoT. Master’s Thesis, Delft University of Technology, Delft, The Netherlands, 2018. [Google Scholar]
- Aljadani, N.; Gazdar, T. A New distributed PKI for WSN-Based Application in Smart Grid. In Proceedings of the 4th International Conference on Future Networks and Distributed Systems (ICFNDS), St. Petersburg, Russia, 26–27 November 2020; pp. 1–5. [Google Scholar]
- Siddiqui, Z.; Gao, J.; Khan, M.K. An Improved Lightweight PUF-PKI Digital Certificate Authentication Scheme for the Internet of Things. IEEE Internet Things J. 2022, 9, 19744–19756. [Google Scholar] [CrossRef]
- Singla, A.; Bertino, E. Blockchain-based PKI solutions for IoT. In Proceedings of the 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC), Philadelphia, PA, USA, 18–20 October 2018; pp. 9–15. [Google Scholar]
- Magnusson, S. Evaluation of Decentralized Alternatives to PKI for IoT Devices: A Literature Study and Proof of Concept Implementation to Explore the Viability of Replacing PKI with Decentralized Alternatives. Master’s Thesis, School of Electrical Engineering and Computer Science, Berkeley, CA, USA, 2018. [Google Scholar]
- Pintaldi, L. Implementation of a Blockchain-Based Distributed PKI for IoT Using Emercoin NVS and TPM 2.0. Ph.D. Thesis, Politecnico di Torino, Torino, Italy, 2022. [Google Scholar]
- Champagne, L. Replacing Public Key Infrastructures (PKI) by Blockchain IoT Devices Security Management. Master’s Thesis, University of Liège, Liège, Belgium, 2021. [Google Scholar]
- Barker, E. Recommendation for Key Management; Technical Report; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2020. [Google Scholar] [CrossRef]
- Hankerson, D.; Menezes, A. Elliptic Curve Discrete Logarithm Problem. In Encyclopedia of Cryptography and Security; Springer: New York, NY, USA, 2011; pp. 397–400. [Google Scholar] [CrossRef]
- Diffie, W.; Hellman, M. New directions in cryptography. IEEE Trans. Inf. Theory 1976, 22, 644–654. [Google Scholar] [CrossRef]
- Walfield, N.H.; Koch, W. TOFU for OpenPGP. In Proceedings of the 9th European Workshop on System Security, London, UK, 18 April 2016; pp. 1–6. [Google Scholar]
- Forsby, F.; Furuhed, M.; Papadimitratos, P.; Raza, S. Lightweight x. 509 digital certificates for the internet of things. In Proceedings of the Interoperability, Safety and Security in IoT: Third International Conference, InterIoT 2017, and Fourth International Conference, SaSeIot 2017, Valencia, Spain, 6–7 November 2017; Proceedings 3. Springer: Berlin/Heidelberg, Germany, 2018; pp. 123–133. [Google Scholar]
- Albalas, F.; Al-Soud, M.; Almomani, O.; Almomani, A. Security-aware CoAP application layer protocol for the internet of things using elliptic-curve cryptography. Power 2018, 1333, 151. [Google Scholar]
- Qazi, R.; Qureshi, K.N.; Bashir, F.; Islam, N.U.; Iqbal, S.; Arshad, A. Security protocol using elliptic curve cryptography algorithm for wireless sensor networks. J. Ambient Intell. Humaniz. Comput. 2020, 12, 547–566. [Google Scholar] [CrossRef]
- Bai, T.D.P.; Raj, K.M.; Rabara, S.A. Elliptic curve cryptography based security framework for Internet of Things (IoT) enabled smart card. In Proceedings of the 2017 World Congress on Computing and Communication Technologies (WCCCT), Tiruchirappalli, India, 2–4 February 2017; pp. 43–46. [Google Scholar]
- Shah, D.P.; Shah, P.G. Revisting of elliptical curve cryptography for securing Internet of Things (IOT). In Proceedings of the 2018 Advances in Science and Engineering Technology International Conferences (ASET), Dubai, United Arab Emirates, 6–7 February 2018; pp. 1–3. [Google Scholar]
- Pinol, O.P.; Raza, S.; Eriksson, J.; Voigt, T. BSD-based elliptic curve cryptography for the open Internet of Things. In Proceedings of the 2015 7th International Conference on New Technologies, Mobility and Security (NTMS), Paris, France, 27–29 July 2015; pp. 1–5. [Google Scholar]
- Liu, A.; Ning, P. TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks. In Proceedings of the 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008), St. Louis, MO, USA, 22–24 April 2008; pp. 245–256. [Google Scholar] [CrossRef]
- Liu, Z.; Seo, H. IoT-NUMS: Evaluating NUMS elliptic curve cryptography for IoT platforms. IEEE Trans. Inf. Forensics Secur. 2018, 14, 720–729. [Google Scholar] [CrossRef]
- Cooper, D.; Santesson, S.; Farrell, S.; Boeyen, S.; Housley, R.; Polk, W. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile; RFC 5280; RFC Editor: Marina del Rey, CA, USA, 2008; Available online: http://www.rfc-editor.org/rfc/rfc5280.txt (accessed on 27 January 2023).
- Cooper, M.; Dzambasow, Y.; Hesse, P.; Joseph, S.; Nicholas, R. Internet X.509 Public Key Infrastructure: Certification Path Building; RFC 4158; RFC Editor: Marina del Rey, CA, USA, 2005; Available online: http://www.rfc-editor.org/rfc/rfc4158.txt (accessed on 27 January 2023).
- Bormann, C.; Hoffman, P. Concise Binary Object Representation (CBOR); RFC 7049; RFC Editor: Marina del Rey, CA, USA, 2013. [Google Scholar]
- High-Performance, IEEE 802.15.4 Wireless System-on-Chip with up to 256 Kbytes of Embedded Flash Memory. Available online: https://datasheet.octopart.com/STM32W108C-SK-STMicroelectronics-datasheet-10541516.pdf (accessed on 7 June 2023).
- MacKay, K. micro-ecc. 2014. Available online: https://github.com/kmackay/micro-ecc/blob/master/LICENSE.txt (accessed on 7 June 2023).
- Vigano, L. Automated security protocol analysis with the AVISPA tool. Electron. Notes Theor. Comput. Sci. 2006, 155, 61–86. [Google Scholar] [CrossRef]
- Maurer, U. Information-Theoretic Cryptography. In Advances in Cryptology—CRYPTO’ 99; Springer: Berlin/Heidelberg, Germany, 1999; pp. 47–65. [Google Scholar] [CrossRef]
- Dolev, D.; Yao, A. On the security of public key protocols. IEEE Trans. Inf. Theory 1983, 29, 198–208. [Google Scholar] [CrossRef]
- Chien, H.Y. Dynamic Public Key Certificates with Forward Secrecy. Electronics 2021, 10, 2009. [Google Scholar] [CrossRef]
Symbol | Description |
---|---|
H | Hardware score of a node |
U | Cryptographically secure Universally Unique Identifier (UUID) |
C | Node certificate |
S | Signature of C |
Public Key | |
Secret Key | |
R | Revocation status (0 = not revoked, 1 = revoked) |
Message M is encrypted with key k |
Type of Metric | Name | Authors’ Results | Our Results | Improvement |
---|---|---|---|---|
Certificate size | Forsby et al. [34] |
|
| ✗ |
Certificate verification | IoT-PKI [4] Pinol et al. [39] Singla et al. [26] PKIoT [21] |
|
| ✓ ✓ ✓ ✓ |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
El-Hajj, M.; Beune, P. Decentralized Zone-Based PKI: A Lightweight Security Framework for IoT Ecosystems. Information 2024, 15, 304. https://doi.org/10.3390/info15060304
El-Hajj M, Beune P. Decentralized Zone-Based PKI: A Lightweight Security Framework for IoT Ecosystems. Information. 2024; 15(6):304. https://doi.org/10.3390/info15060304
Chicago/Turabian StyleEl-Hajj, Mohammed, and Pim Beune. 2024. "Decentralized Zone-Based PKI: A Lightweight Security Framework for IoT Ecosystems" Information 15, no. 6: 304. https://doi.org/10.3390/info15060304