Ethereum for Secure Authentication of IoT using Pre-Shared Keys (PSKs)

Mohammad El-Hajj, A. Fadlallah, M. Chamoun, A. Serhrouchni
2019 International Conference on Wireless Networks and Mobile Communications (WINCOM), published 2019-10-01
DOI: 10.1109/wincom47513.2019.8942487 (https://doi.org/10.1109/wincom47513.2019.8942487)
Citations: 11

Abstract

Enterprises are no doubt interested in reaching data collected from billions of Internet of Things (IoT) devices, which opens a huge potential business. The main concern remains the security challenges from the distribution of keys while using public key cryptography. To ensure that IoT-connected devices can be trusted to be what they are supposed to be, robust IoT device authentication is mandated. Each IoT device therefore requires a unique identity which can be verified when the device tries to link to an intermediate device. One of the early solutions used to secure data transmission among parties in public networks is the Public Key Infrastructure (PKI), which is used to distribute and manage public keys (digital certificates) among different parties, and these certificates are generated upon request by Certificate Authorities (CA). Nevertheless, for billions of devices connected to IoT and mobile phones, the distribution management of certificates for each client proved to be inefficient. In this research, we propose a decentralized authentication platform based on PKI and Ethereum Blockchain. The public key certificates are stored in a decentralized fashion and the private keys are stored inside the devices themselves. It also includes a protocol for Pre-Shared Keys (PSK) distribution. PSK keys are then used by PSK-based security protocols for securing the communication channel between two devices. This platform includes a client-side module, a server-side Wallet Management Function, and a smart contract deployed on the Ethereum Blockchain network. This platform can be used by applications for end devices and/or intermediate devices authentication and a secure Machine-to-Machine (M2M) communication. The proposed platform is validated by the implementation of a Secure Session Establishment between IoT devices. Results show that the solution implementation has minimal impact on the existing networks, and the secure session setup time between two devices is negligible compared to the existing security methods. Eventually, this scheme can help remove the trust requirement placed on clients by the current PKI/CAs infrastructure.