A long, long time ago, nearly 4,000 years, in a land far, far away, ancient cryptography was born. The place? Egypt. It is there historians believe the technique was invented by priests as a character substitution for hieroglyphics. Then in Greece, it is believed the ancient Spartan military also relied on cryptography, though it’s not clear if it was used for encryption, authentication or to avoid bad omens. One certainly wonders!
Zoom ahead thousands of years, all the way to the 1970s, when modern cryptography was born.
It came about in 1976 when Whitfield Diffie and Martin Hellman (unknown to many, it was originally conceptualized by Ralph Merkle) published a paper on a key agreement protocol. The concepts discussed in the paper, New Directions in Cryptography, are still very much in use today, and form the genesis of public key cryptography. However, it is now believed that a British engineer, John Ellis, had secretly invented public key cryptography in 1969. This information was classified until 1997.
It was another paper published just a year later that would have even more significance. In 1977, the trio of Ronald Rivest, Adi Shamir, and Leonard Adleman – the founders of RSA – published A Method for Obtaining Digital Signatures and Public Key Cryptosystems. The key transport scheme and digital signature algorithm discussed in the paper are still considered a cornerstone of modern cryptography and became the basis for Public Key Infrastructure (PKI) as it is known today.
In addition, the Data Encryption Standard (DES) was also published at this time (introduced in 1975, published in 1977) by the National Institute of Standards and Technology (NIST) as FIPS PUB 46. This standard is now outdated and has since been withdrawn.
These three leaps forward in modern cryptography were the true beginnings of the security industry. From there, PKI took off.
Dispelling the top PKI myths for IoT
Once in place, PKI was used for many purposes, and was instrumental in the development of e-signatures in the late 1990s. It has also been relied upon for general applications such as driver’s licenses, passports and employee ID badges. Today, PKI forms the basis of the trusted World Wide Web. Transport Layer Security or TLS is used to encrypt and secure communications between entities and websites, online payments and transactions, etc. There has been a concerted effort by browser vendors like Google and Mozilla to move websites over to HTTPS.
Despite PKI’s many successes, it has its detractors. However, I strongly believe PKI is absolutely the way forward for IoT security. Let me address this by dispelling some common myths about PKI as they relate to the IoT.
Myth #1: PKI cannot scale up to protect the billions of IoT devices
Truth: Scaling PKI for the IoT is very unlike scaling an Enterprise PKI solution. However, PKI for IoT does not necessarily require the scaling up of public CA infrastructure. IoT devices are currently deployed in mostly closed private ecosystems, or hybrid semi-closed ecosystems, where edge gateways require a public PKI hierarchy while edge-leaf nodes rely on a separate private hierarchy. Several PKI vendors have shown how you could scale up a PKI ecosystem to issue and manage billions of device certificates.
Myth #2: PKI cannot scale down to run on, and protect, constrained IoT devices
Truth: Here, we’re actually talking about PKI’s underlying technology, asymmetric cryptography. It is true that asymmetric crypto operations that are part of a TLS handshake are both time and computationally intensive. However, with the advent of Elliptic Curve Cryptography, ECC keys are being used as the root of IoT device identity.
A 256-bit ECC key provides the same cryptographic strength as a 3072-bit RSA key, while costing less to generate. The CPU cycles as well as the memory footprint required are also lower, leading to a 200% faster SSL certificate processing time. ECC support is by now universal across OSes, SSL libraries and crypto software stacks. Thus, a constrained IoT device can now more easily generate its own private keys, perform verification operations and be secure, while using less CPU and memory, thus saving energy. This is especially important for battery-operated devices.
Another point is around the support for protocols. Various protocols are becoming standardized for IoT devices – Enrollment over Secure Transport (EST) over Constrained Application Protocol (CoAP) as well as the LightWeight Machine to Machine (LWM2M) protocol are being increasingly used for IoT devices – and these natively support PKI.
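To make the size side of that comparison concrete, the following added example (not code from the article) uses the OpenSSL command line to generate a P-256 key and an RSA-3072 key, builds a certificate signing request for each, and reports how many bytes the public key and the request occupy. The device name `sensor-0001.example` and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the article): measure what a P-256 device identity
# costs in bytes next to an RSA-3072 one. The device name is constructed.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
DEVICE_CN="sensor-0001.example"   # constructed placeholder identity

# Generate a private key of the given kind (ec|rsa) and a DER-encoded CSR,
# the request a device would submit to its CA to obtain a certificate.
make_identity() {
    case "$1" in
        ec)  openssl genpkey -algorithm EC \
                 -pkeyopt ec_paramgen_curve:P-256 -out "$WORK/$1.key" 2>/dev/null ;;
        rsa) openssl genpkey -algorithm RSA \
                 -pkeyopt rsa_keygen_bits:3072 -out "$WORK/$1.key" 2>/dev/null ;;
        *)   echo "unknown key kind: $1" >&2; return 1 ;;
    esac
    openssl req -new -key "$WORK/$1.key" -subj "/CN=$DEVICE_CN" \
        -outform DER -out "$WORK/$1.csr"
}

# Size in bytes of the DER-encoded public key (SubjectPublicKeyInfo).
pubkey_bytes() {
    openssl pkey -in "$WORK/$1.key" -pubout -outform DER | wc -c | tr -d ' '
}

# Size in bytes of the CSR: subject, public key and self-signature together.
csr_bytes() {
    wc -c < "$WORK/$1.csr" | tr -d ' '
}

# Check the CSR's self-signature, i.e. proof of possession of the private key.
csr_valid() {
    openssl req -in "$WORK/$1.csr" -inform DER -noout -verify >/dev/null 2>&1
}

for kind in ec rsa; do
    make_identity "$kind"
    csr_valid "$kind" || { echo "$kind CSR failed verification" >&2; exit 1; }
    printf '%-4s public key: %4s bytes   CSR: %4s bytes\n' \
        "$kind" "$(pubkey_bytes "$kind")" "$(csr_bytes "$kind")"
done
```

The public key and the signature both travel in every certificate and every TLS handshake, so the byte difference shown here is paid on each connection a constrained device makes.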
Myth #3: PKI is unsuitable due to the heterogeneity of IoT devices
Truth: As of today, hundreds of millions of cable TV boxes, ATMs, cell phone LTE towers, TV receivers and smart electricity meters have been deployed with digital certificates forming the core of their identity. However, it is true that there are not many standards governing the use of PKI for IoT devices. Hence, device makers and architects are borrowing heavily from IT standards – most commonly from the IEEE 802.x family of standards. The Internet of Things is still the Internet – hence, many of the standards governing identity for PCs, mobiles and servers can be easily modified to accommodate IoT devices.
This does require some work from bodies like the Certificate Authority and Browser Forum (CA/B). However, for IoT no such body exists – and so, industry consortia are banding together to adopt a given standard for their vertical. This helps to create vertically integrated IoT security solutions. PKI is usually their technology of choice for establishing identity.
Another proof-point for PKI is how well it can integrate into device architectures, almost like a Swiss Army Knife. Most IoT device makers (should) include a hardware-based root-of-trust (ROT) in their device. This could be a Trusted Platform Module (TPM) device, a Physically Unclonable Function (PUF) or some other secure microcontroller (MCU) or security chip. These chip vendors are actively working to develop and/or integrate crypto stacks into their products so that they can be used in conjunction with a device certificate or, at the very least, asymmetric crypto (a public-private keypair).
Doing this ensures that the chip has its own private identity that is safeguarded, while the device certificate forms its public identity. Because this credential is widely accepted (in a software context) the device should be able to ‘talk’ to various third party systems.
Myth #4: PKI does not enjoy the ecosystem in the IoT space as much as it does in the IT space
Truth: This is partially correct. However, the reason is that there is no such thing as a mature IoT ecosystem right now. If we look at product trends, all of the major public cloud providers now have an IoT play. Amazon Web Services (AWS) IoT, Microsoft Azure IoT Hub, Google Cloud IoT Core and ARM Mbed Cloud are some of the large PaaS vendors that also offer IoT device management capabilities. All of these vendors now require some sort of unique identifier for each IoT device that connects to them. Their primary choice – a device certificate. All of these also support a ‘Bring your own Certificate Authority’ (BYOC) program. This allows device makers to easily integrate their PKI provider of choice into these cloud platforms.
Myth #5: PKI will not be able to withstand the quantum era of computing
Truth: While there has been a lot of discussion on this topic, there is no consistent answer here. Quantum computing is not universally understood, and its applications even less so. While many tout the breakthroughs in computational speed, including being able to easily break ECC keys, the fact remains that there isn’t much evidence of when and how effectively this will happen – this is a future technology that might or might not significantly affect PKI. Advancements in research on the cryptography side will hopefully come up with techniques to mitigate any future risks due to post-quantum accelerated algorithms.
Looking to the future: PKI + blockchain
Blockchain is a potentially revolutionary technology that will disrupt many current generation technologies. While explaining what blockchain is and its potential impact is out of scope of this article, we can certainly discuss its implication on PKI.
Many claim that blockchain, with its decentralized and distributed system, will spell the end of a centralized trusted third-party like a Certificate Authority. I do not concur with that opinion. I believe that Blockchain and PKI are extremely complementary and will together solve many of the pitfalls of each individual technology. The blockchain’s distributed ledger is a great storage mechanism – it is immutable, hence a good candidate for PKI certificate transparency or CT logs and revocation lists. It is replicated across multiple nodes and therefore can be more readily available to edge IoT devices.
Finally, we can use the blockchain to form a peer-to-peer web of trust, akin to what exists today with the WWW. However, the first blockchain, the Bitcoin blockchain, relies on anonymity of participants, while identity is the core of any IoT ecosystem – identifying, classifying, grouping and managing IoT devices is an essential system requirement. Hence, we will see hybrid architectures where PKI is used as a device credential, but the blockchain will be used for any transactional and record management information.
In addition, we will see PKI systems that have interfaces into blockchains and both will merge to offer one combined device ecosystem management solution. This is where I see the market and technology heading – for IoT blockchains to be successful, they will have to depend upon PKI.
At the turn of the century, there was talk about the next-gen technology that will finally replace decades-old PKI. Yet, today we have vendors like Google who are pushing to convert all websites into certificate-protected domains. Disruptors like blockchain will rely upon PKI for device identity needs. And encryption researchers will come up with new post-quantum algorithms. One thing is sure – PKI as we know it today will change and evolve. But it is here to stay for a long time to come.