New lightweight PKI technologies help secure constrained IoT devices

As billions of devices are being connected to the internet of things, security is lagging behind. Especially for small and battery-powered devices with constrained computing resources. But new lightweight PKI technologies from research project CEBOT, SecureIoT and SecureCare, now enable true end-to-end security also for constrained devices.

Public key infrastructure (PKI) is state of the art when it comes to internet security. However, many small, battery-powered IoT devices lack the required computing resources to use traditional PKI protocols. Most current deployments with constrained devices are not secured at all or only by shared keys, PINs or passwords. As a result, there is a large risk of hacker attacks and eavesdropping.

Now, there is a breakthrough in solving this problem. New lightweight PKI technologies have been developed in the research projects to enable PKI for IoT devices. Martin Furuhed, Nexus’ PKI expert for more than 20 years, has participated in the project and co-authored a paper that addresses two challenges: secure enrollment and certificate overhead reduction.

“In this paper, we develop an automated certificate enrollment protocol light enough for highly constrained devices. This provides end-to-end security between certificate authorities (CA) and the recipient IoT devices. We also design a lightweight profile for X.509 digital certificates. Existing CAs can now issue traditional X.509 certificates to IoT devices,” says Shahid Raza, Director of Cybersecurity at RISE Research Institutes of Sweden. Read the paper here: PKI4IoT: Towards Public Key Infrastructure for the Internet of Things.

Published

About SecureIoT

SecureIoT (Certificate-based Security for Resource-constrained Internet of Things) is a research project funded by Eurostars and run by the RISE Cybersecurity unit together with Nexus.

The aim of SecureIoT has been to equip IoT devices with capabilities to obtain digital certificates in a secure and automated way and by using the communication protocols that these devices speak.

In the previous research projects CEBOT and SecureIoT, a light-weight and fully automated enrollment protocol, lightweight revocation checking and compression technologies for certificates were created for use by constrained devices. SecureCare will continue on this path by developing other lightweight PKI technologies needed to target IoT scenarios.

 

Interested in how Nexus can help enabling trust for your IoT devices?

Explore 

 

 

Read more from Nexus

Connected vehicles Customer Cases

Industry leaders come together for pioneering 5G cybersecurity solution

10 December, 2021
Industry leaders come together for pioneering 5G cybersecurity solution An ambitious initiative has been developed in partnership between Nexus, T...
Blog

Video: Watch the Nexus Smart ID Autumn 2021 release

30 November, 2021
Video: Watch the Nexus Smart ID Autumn 2021 release   Finally, the Smart ID Autumn 2021 release video is here! During this release video, Johan a...
Blog

Nexus sets sights on continued Middle East growth

25 November, 2021
Nexus sets sights on continued Middle East growth  As cyber-attacks continue to rise globally, organizations in the Middle East have increased cyb...