Ethereum for Secure Authentication of IoT using Pre-Shared Keys (PSKs)

Mohammad El-Hajj, Ahmad Fadlallah, Maroun Chamoun, Ahmed Serhrouchni

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

18 Citations (Scopus)

Abstract

Enterprises are no doubt interested in reaching data collected from billions of Internet of Things (IoT) devices which opens a huge potential business. The main concern remains the security challenges from the distribution of key while using public key cryptography. To ensure that IOT connected devices can be trusted to be what they are supposed to be, robust IoT device authentication is mandated. Each IoT device therefore requires a unique identity which can be verified when the device tries to link to an intermediate device. One of the early solutions used to secure data transmission among parties in public networks is the Public Key Infrastructure (PKI) which is used to distribute and manage public keys (digital certificates) among different parties and these certificates are generated upon request by Certificate Authorities (CA). Nevertheless, for billions of devices connected to IoT and mobile phones, the distribution management of certificates for each client proved to be inefficient. In this research, we propose a decentralized authentication platform based on PKI and Ethereum Blockchain. The public key certificates are stored in a decentralized fashion and the private keys are stored inside the devices themselves. It also includes a protocol for Pre-Shared Keys (PSK) distribution. PSK keys are then used by PSK-based security protocols for securing the communication channel between two devices. This platform includes a client-side module, a server-side Wallet Management Function, and a smart contract deployed on the Ethereum Blockchain network. This platform can be used by applications for end devices and/or intermediate devices authentication and a secure Machine-to-Machine (M2M) communication. The proposed platform is validated by the implementation of a Secure Session Establishment between IoT devices. Results show that the solution implementation has minimal impact on the existing networks, and the secure session setup time between two devices is negligible compared to the existing security methods. Eventually, this scheme can help removing the trust requirement placed on clients by the current PKI/CAs infrastructure.
Original languageEnglish
Title of host publication2019 International Conference on Wireless Networks and Mobile Communications (WINCOM)
Place of PublicationPiscataway, NJ
PublisherIEEE
Pages1-7
Number of pages7
ISBN (Electronic)978-1-7281-2625-8
ISBN (Print)978-1-7281-2626-5
DOIs
Publication statusPublished - 19 Dec 2019
Externally publishedYes
Event7th International Conference on Wireless Networks and Mobile Communications, WINCOM 2019 - Fez, Morocco
Duration: 29 Oct 20191 Nov 2019
Conference number: 7

Conference

Conference7th International Conference on Wireless Networks and Mobile Communications, WINCOM 2019
Abbreviated titleWINCOM 2019
Country/TerritoryMorocco
CityFez
Period29/10/191/11/19

Keywords

  • Blockchain
  • Consensus algorithm
  • Authentication
  • Public key
  • Smart contracts

Fingerprint

Dive into the research topics of 'Ethereum for Secure Authentication of IoT using Pre-Shared Keys (PSKs)'. Together they form a unique fingerprint.

Cite this