Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
PKI4IoT: Towards public key infrastructure for the Internet of Things
RISE - Research Institutes of Sweden, ICT, SICS.
RISE - Research Institutes of Sweden, ICT, SICS.
Technology Nexus Secured Business Solutions, Sweden.
RISE - Research Institutes of Sweden, ICT, SICS.ORCID iD: 0000-0001-8192-0893
2020 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 89, article id 101658Article in journal (Refereed) Published
Abstract [en]

Public Key Infrastructure is the state-of-the-art credential management solution on the Internet. However, the millions of constrained devices that make of the Internet of Things currently lack a centralized, scalable system for managing keys and identities. Modern PKI is built on a set of protocols which were not designed for constrained environments, and as a result many small, battery-powered IoT devices lack the required computing resources. In this paper, we develop an automated certificate enrollment protocol light enough for highly constrained devices, which provides end-to-end security between certificate authorities (CA) and the recipient IoT devices. We also design a lightweight profile for X.509 digital certificates with CBOR encoding, called XIOT. Existing CAs can now issue traditional X.509 to IoT devices. These are converted to and from the XIOT format by edge devices on constrained networks. This procedure preserves the integrity of the original CA signature, so the edge device performing certificate conversion need not be trusted. We implement these protocols within the Contiki embedded operating system and evaluate their performance on an ARM Cortex-M3 platform. Our evaluation demonstrates reductions in energy expenditure and communication latency. The RAM and ROM required to implement these protocols are on par with the other lightweight protocols in Contiki’s network stack.

Place, publisher, year, edition, pages
2020. Vol. 89, article id 101658
Keywords [en]
Security, CBOR, IoT, PKI, Digital certificates, Enrollment, Embedded systems, Contiki
National Category
Natural Sciences
Identifiers
URN: urn:nbn:se:ri:diva-42433DOI: 10.1016/j.cose.2019.101658OAI: oai:DiVA.org:ri-42433DiVA, id: diva2:1381245
Available from: 2019-12-20 Created: 2019-12-20 Last updated: 2019-12-20Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records BETA

Raza, Shahid

Search in DiVA

By author/editor
Raza, Shahid
By organisation
SICS
In the same journal
Computers & security (Print)
Natural Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 3 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.9