19.06.2023 | Michael Veser
The Special Requirements of an IoT PKI
A public key infrastructure (PKI) is an important aspect of modern information security. For years, it has been the standard that all sensitive connections are encrypted. Even if you may not be aware of it, you are constantly dealing with a wide variety of PKIs! The fact that you hardly notice this in everyday life is a quality feature of well-functioning PKIs.
Basically, every PKI is based on public key cryptography. Two keys are used for each connection - a public key, which is used to encrypt the data, and a private key, which is used to decrypt the data. The public key is freely accessible, the private key must be kept secret. For many years, development in the field of PKI has focused on the near real-time verification of certificate validity and - driven by the public certification authorities - an ever shorter certificate validity period.
However, the rapid development in the area of the Internet of Things (IoT) has given rise to requirements that run counter to developments in the PKI area. The exclusive focus on maximum PKI security is usually not expedient here, as it does not take into account the specific requirements of an IoT environment. Problems are caused, for example, by the long service life of devices, difficult patch management and the fact that an Internet connection is not always available. But why is this the case?
First of all, it is important to understand that the Internet of Things is a very large and heterogeneous network that encompasses many different devices and systems. These range from large stationary machines to small battery-powered sensors with little computing power. A PKI used in this environment must also function on energy-saving and less powerful devices, while at the same time guaranteeing decades of security and offering maximum scalability for future requirements.
Short-lived certificates and the immediate recognition of revoked certificates are hardly applicable in such an environment. An IoT device must continue to function even after years of storage without having regularly retrieved revocation or renewal information.
In the IoT environment, it therefore makes sense to look beyond the classic horizon and question the common implementations of a PKI.
What could a suitable implementation look like?
A sensible way to use a PKI in the IoT environment could be so-called “ephemeral certificates”, which can best be translated as “one-time certificates”.
Each IoT device is equipped with such a certificate during production. The certificate is valid for decades, in line with the lifespan of the device. No revocation point is stored in the device certificate and the certificate of the remote station. The certificate is linked to the identity of the device and therefore has the same lifespan.
The sole purpose of such a one-time certificate is to authenticate the initial connection of the device to the network. As soon as the connection is established, the authorization of the device is checked and authenticated by means of a comparison with a central database. The downstream use of token-based authentication can be a useful extension of such a one-time certificate. This means that it is still possible at application level to block stolen or defective devices with immediate effect. However, the device itself does not need to establish a permanent or periodic connection to the PKI service, as the certificate does not need to be constantly renewed. By dispensing with classic revocation lists or real-time queries, this information does not have to be constantly retrieved either.
This means that a connection to the manufacturer can be established even in the event of a PKI service failure, which meets the requirement for maximum availability.
In common implementations of certificate checks, a certificate is not accepted if the revocation list or OCSP responder cannot be reached. While this makes sense in classic PKI applications, availability is more important in the IoT environment.
In summary, an IoT PKI faces the following challenges:
- The devices can sometimes lie in a warehouse for years and still have to function afterwards.
- Communication with any remote stations must also still function years later.
- An effective and regular exchange of certificates is often not possible.
- The volume of data traffic plays an important role in cost planning in large environments.
Our recommendations for an IoT PKI are therefore as follows:
- Provide IoT devices with a (one-time) certificate adapted to the lifespan of the device while they are still in the production line.
- After the initial connection has been established and authenticated with the one-time certificate, you can issue further certificates with a higher security standard or define the device’s rights using token-based authentication.
- The certification authority for the one-time certificates is only used for the initial device certificates. As the certificates are usually stored directly on a cryptochip or Trusted Platform Module, the attack scenarios are limited. The ability to react immediately to compromised or stolen devices can also be created by checking other factors such as a device database.
Security Architecure Public Key Infrastructure (PKI)
