New lightweight PKI technologies help secure constrained IoT devices

As billions of devices are being connected to the internet of things, security is lagging behind. Especially for small and battery-powered devices with constrained computing resources. But new lightweight PKI technologies from research project CEBOT, SecureIoT and SecureCare, now enable true end-to-end security also for constrained devices.

Public key infrastructure (PKI) is state of the art when it comes to internet security. However, many small, battery-powered IoT devices lack the required computing resources to use traditional PKI protocols. Most current deployments with constrained devices are not secured at all or only by shared keys, PINs or passwords. As a result, there is a large risk of hacker attacks and eavesdropping.

Now, there is a breakthrough in solving this problem. New lightweight PKI technologies have been developed in the research projects to enable PKI for IoT devices. Martin Furuhed, Nexus’ PKI expert since more than 20 years, has participated in the project and coauthored a paper that addresses two challenges: secure enrollment and certificate overhead reduction.

“In this paper, we develop an automated certificate enrollment protocol light enough for highly constrained devices. This provides end-to-end security between certificate authorities (CA) and the recipient IoT devices. We also design a lightweight profile for X.509 digital certificates. Existing CAs can now issue traditional X.509 certificates to IoT devices,” says Shahid Raza, Director of Cybersecurity at RISE Research Institutes of Sweden. Read the paper here: PKI4IoT: Towards Public Key Infrastructure for the Internet of Things.

Published

About SecureIoT

SecureIoT (Certificate-based Security for Resource-constrained Internet of Things) is a research project funded by Eurostars and run by the RISE Cybersecurity unit together with Nexus.

The aim of SecureIoT has been to equip IoT devices with capabilities to obtain digital certificates in a secure and automated way and by using the communication protocols that these devices speak.

In the previous research projects CEBOT and SecureIoT, a light-weight and fully automated enrollment protocol, lightweight revocation checking and compression technologies for certificates were created for use by constrained devices. SecureCare will continue on this path by developing other lightweight PKI technologies needed to target IoT scenarios.

 

Interested in how Nexus can help enabling trust for your IoT devices?

Explore 

 

 

Read more from Nexus

Citizen ID Customer Cases PKI

Kenya ushers in a new era of eCitizen services with National PKI

30 Juli, 2023
Nexus PKI enables ICT Authority to facilitate secure growth of national digital infrastructure and achieve compliance with global standards.
Cards & credentials Customer Cases Online service Workforce

AWT bietet reibungslose und sichere Lösungen für die Identitäten von Mitarbeiter als Service

10 Juli, 2023
AWT delivers integrated workforce ID card administration & global card personalization services in their solutions through a partnership with Nexus...
Customer Cases Workforce

Lomma municipality uses Nexus Smart ID to boost security of its shared mobile devices

8 Juli, 2022
Lomma municipality uses Nexus Smart ID to boost the security of its shared mobile devices Lomma municipality is a longstanding Nexus customer. Whe...