New lightweight PKI technologies help secure constrained IoT devices

As billions of devices are being connected to the internet of things, security is lagging behind. Especially for small and battery-powered devices with constrained computing resources. But new lightweight PKI technologies from research project CEBOT, SecureIoT and SecureCare, now enable true end-to-end security also for constrained devices.

Public key infrastructure (PKI) is state of the art when it comes to internet security. However, many small, battery-powered IoT devices lack the required computing resources to use traditional PKI protocols. Most current deployments with constrained devices are not secured at all or only by shared keys, PINs or passwords. As a result, there is a large risk of hacker attacks and eavesdropping.

Now, there is a breakthrough in solving this problem. New lightweight PKI technologies have been developed in the research projects to enable PKI for IoT devices. Martin Furuhed, Nexus’ PKI expert for more than 20 years, has participated in the project and co-authored a paper that addresses two challenges: secure enrollment and certificate overhead reduction.

“In this paper, we develop an automated certificate enrollment protocol light enough for highly constrained devices. This provides end-to-end security between certificate authorities (CA) and the recipient IoT devices. We also design a lightweight profile for X.509 digital certificates. Existing CAs can now issue traditional X.509 certificates to IoT devices,” says Shahid Raza, Director of Cybersecurity at RISE Research Institutes of Sweden. Read the paper here: PKI4IoT: Towards Public Key Infrastructure for the Internet of Things.

Published

About SecureIoT

SecureIoT (Certificate-based Security for Resource-constrained Internet of Things) is a research project funded by Eurostars and run by the RISE Cybersecurity unit together with Nexus.

The aim of SecureIoT has been to equip IoT devices with capabilities to obtain digital certificates in a secure and automated way and by using the communication protocols that these devices speak.

In the previous research projects CEBOT and SecureIoT, a light-weight and fully automated enrollment protocol, lightweight revocation checking and compression technologies for certificates were created for use by constrained devices. SecureCare will continue on this path by developing other lightweight PKI technologies needed to target IoT scenarios.

 

Interested in how Nexus can help enabling trust for your IoT devices?

Explore 

 

 

Read more from Nexus

Customer Cases

Siemens offers customers secure identity management with Nexus GO Cards

31 May, 2021
Siemens offers customers secure identity management with Nexus GO Cards! Siemens AG is a global technology powerhouse that brings together the dig...
Blog

Video: Watch the Nexus Smart ID Spring 2021 release

25 May, 2021
Video: Watch the Nexus Smart ID Spring 2021 release   Welcome to the Smart ID Spring 2021 release video! We really hope and have our fingers cros...
Customer Cases

EduAdmin selects Nexus for mobile diplomas for the edtech industry!

19 May, 2021
EduAdmin selects Nexus for the next generation of mobile diplomas for the edtech industry! EduAdmin is a SaaS Training Management System for all t...