Abstract
Enterprises are no doubt interested in reaching the data collected from billions of Internet of Things (IoT) devices, which opens up a huge potential business. The main concern remains the security challenges arising from key distribution when using public key cryptography. To ensure that IoT-connected devices can be trusted to be what they are supposed to be, robust IoT device authentication is mandated. Each IoT device therefore requires a unique identity that can be verified when the device tries to link to an intermediate device. One of the early solutions used to secure data transmission among parties in public networks is the Public Key Infrastructure (PKI), which is used to distribute and manage public keys (digital certificates) among different parties; these certificates are generated upon request by Certificate Authorities (CAs). Nevertheless, for the billions of devices connected to the IoT and mobile phones, managing the distribution of certificates for each client proved to be inefficient. In this research, we propose a decentralized authentication platform based on PKI and the Ethereum Blockchain. The public key certificates are stored in a decentralized fashion, and the private keys are stored inside the devices themselves. The platform also includes a protocol for Pre-Shared Key (PSK) distribution. The PSKs are then used by PSK-based security protocols to secure the communication channel between two devices. The platform includes a client-side module, a server-side Wallet Management Function, and a smart contract deployed on the Ethereum Blockchain network. It can be used by applications for authentication of end devices and/or intermediate devices and for secure Machine-to-Machine (M2M) communication. The proposed platform is validated by the implementation of a Secure Session Establishment between IoT devices.
Results show that implementing the solution has minimal impact on existing networks, and that the secure session setup time between two devices is negligible compared to existing security methods. Eventually, this scheme can help remove the trust requirement placed on clients by the current PKI/CA infrastructure.
Original language | English |
---|---|
Title of host publication | 2019 International Conference on Wireless Networks and Mobile Communications (WINCOM) |
Place of Publication | Piscataway, NJ |
Publisher | IEEE |
Pages | 1-7 |
Number of pages | 7 |
ISBN (Electronic) | 978-1-7281-2625-8 |
ISBN (Print) | 978-1-7281-2626-5 |
DOIs | |
Publication status | Published - 19 Dec 2019 |
Externally published | Yes |
Event | 7th International Conference on Wireless Networks and Mobile Communications, WINCOM 2019 - Fez, Morocco. Duration: 29 Oct 2019 → 1 Nov 2019. Conference number: 7 |
Conference
Conference | 7th International Conference on Wireless Networks and Mobile Communications, WINCOM 2019 |
---|---|
Abbreviated title | WINCOM 2019 |
Country/Territory | Morocco |
City | Fez |
Period | 29/10/19 → 1/11/19 |
Keywords
- Blockchain
- Consensus algorithm
- Authentication
- Public key
- Smart contracts