IEEE Access (Jan 2023)
LightCert4IoTs: Blockchain-Based Lightweight Certificates Authentication for IoT Applications
Abstract
The proliferation of the internet of things (IoT) within the emergence of five-generation (5G) networks has received a huge attention in both industrial and academic domains. A 5G network is a cornerstone of realizing the full potential of the IoT, which interconnects billions of devices wirelessly. However, wireless communication in IoT devices reveals tremendous security risks in different dimensions and precisely in the distribution of the user certificates. The existing X.509 PKI, or the proposed decentralized PKI based on blockchain solutions have lacked practicality, and continue to have security flaws, or have not yet gained widespread acceptance owing to complexity and deployment issues. We present a lightweight certificate in size (LightCert4IoTs) that is not issued by Certification Authorities (CAs) due to the cost and complexity of the assignment of a signed certificate. In LightCert4IoTs first, an end-user (i.e., mobile and IoT devices) issues a self-signed certificate and lets Local Registration Authorities (LRAs)/EDGE nodes to verify and validate the binding identity-self signed certificate of the users through the Ethereum blockchain where The Ethereum network is used as the global notary for the IoT light certificates by saving them in the blockchain immutable ledger. The LightCert4IoTs leverages the advantages of blockchain technology and smart contracts to address the existing challenges of PKI certificates in IoT devices, which neatly achieve certificate issuance, update, and revocation more securely and efficiently. Finally, the LightCert4IoTs experimental results show that LightCert, as compared to relevant solutions/baselines, achieves reasonable overheads and is suitable for use in low- constrained IoT devices where the memory and processor power are optimized.
Keywords