LICE: Lightweight certificate enrollment for IoT using application layer security

Title: LICE: Lightweight certificate enrollment for IoT using application layer security
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Höglund, Joel, Raza, Shahid
Conference Name: 2021 IEEE Conference on Communications and Network Security (CNS)
Date Published: oct
Keywords: cbor, composability, Digital certificate, EDHOC, Embedded systems, encoding, enrollment, Hardware, Human Behavior, Internet security, IoT, IoT security, Metrics, Network security, OSCORE, PKI, Protocols, pubcrawl, Public key, public key infrastructure, radio networks, Resiliency
Abstract: To bring Internet-grade security to billions of IoT devices and make them first-class Internet citizens, IoT devices must move away from pre-shared keys to digital certificates. Public Key Infrastructure, PKI, the digital certificate management solution on the Internet, is inevitable to bring certificate-based security to IoT. Recent research efforts have shown the feasibility of PKI for IoT using Internet security protocols. New and proposed standards enable IoT devices to implement more lightweight solutions for application layer security, offering real end-to-end security also in the presence of proxies. In this paper we present LICE, an application layer enrollment protocol for IoT, an important missing piece before certificate-based security can be used with new IoT standards such as OSCORE and EDHOC. Using LICE, enrollment operations can complete by consuming less than 800 bytes of data, less than a third of the corresponding operations using state-of-art EST-coaps over DTLS. To show the feasibility of our solution, we implement and evaluate the protocol on real IoT hardware in a lossy low-power radio network environment.
DOI: 10.1109/CNS53000.2021.9705036
Citation Key: hoglund_lice_2021