Ci a ion: As o ga, J.; Ba celo, M.;
U bie a, A.; Jacob, E. Re isi ing he
Feasibili y o Public Key
C yp og aphy in Ligh o IIoT
Communica ions. Senso s 2022,22,
2561. h ps://doi.o g/10.3390/
s22072561
Academic Edi o s: E hiopia Nigussie
and Hab amu Abie
Recei ed: 23 Feb ua y 2022
Accep ed: 24 Ma ch 2022
Published: 27 Ma ch 2022
Publishe ’s No e: MDPI s ays neu al
wi h ega d o ju isdic ional claims in
published maps and ins i u ional a il-
ia ions.
Copy igh : © 2022 by he au ho s.
Licensee MDPI, Basel, Swi ze land.
This a icle is an open access a icle
dis ibu ed unde he e ms and
condi ions o he C ea i e Commons
A ibu ion (CC BY) license (h ps://
c ea i ecommons.o g/licenses/by/
4.0/).
senso s
Re iew
Re isi ing he Feasibili y o Public Key C yp og aphy in Ligh
o IIoT Communica ions
Jasone As o ga 1,* , Ma c Ba celo 2, Ai o U bie a 2and Edua do Jacob 1
1Depa men o Communica ions Enginee ing, Facul y o Enginee ing, Uni e si y o he Basque Coun y
UPV/EHU, Plaza Ingenie o To es Que edo 1, 48013 Bilbao, Spain; edua [email p o ec ed]
2Ike lan Technology Resea ch Cen e, Basque Resea ch and Technology Alliance (BRTA), Pº J.M.
A izmendia ie a 2, 20500 A asa e-Mond agon, Spain; [email p o ec ed] (M.B.);
[email p o ec ed] (A.U.)
*Co espondence: jasone.as o [email p o ec ed]
Abs ac :
Digi al ce i ica es a e ega ded as he mos secu e and scalable way o implemen ing
au hen ica ion se ices in he In e ne oday. They a e used by mos popula secu i y p o ocols, in-
cluding T anspo Laye Secu i y (TLS) and Da ag am T anspo Laye Secu i y (DTLS). The li ecycle
managemen o digi al ce i ica es elies on cen alized Ce i ica ion Au ho i y (CA)-based Public Key
In as uc u es (PKIs). Howe e , he implemen a ion o PKIs and ce i ica e li ecycle managemen
p ocedu es in Indus ial In e ne o Things (IIoT) en i onmen s p esen s some challenges, mainly
due o he high esou ce consump ion ha hey imply and he lack o us in he cen alized CAs.
This pape iden i ies and desc ibes he main challenges o implemen ce i ica e-based public key
c yp og aphy in IIoT en i onmen s and i su eys he al e na i e app oaches p oposed so a in
he li e a u e o add ess hese challenges. Mos p oposals ely on he in oduc ion o a T us ed
Thi d Pa y o aid he IIoT de ices in asks ha exceed hei capaci y. The p oposed al e na i es
a e complemen a y and hei applica ion depends on he speci ic challenge o sol e, he applica ion
scena io, and he capaci ies o he in ol ed IIoT de ices. This pape e isi s all hese al e na i es in
ligh o indus ial communica ion models, iden i ying hei s eng hs and weaknesses, and p o iding
an in-dep h compa a i e analysis.
Keywo ds: ABE; blockchain; DTLS; IIoT; PKI; X.509
1. In oduc ion
Indus y 4.0 is in ended o become he ou h indus ial e olu ion. Fos e ed by
digi aliza ion and in o ma ion and communica ion echnologies, manu ac u ing sys ems,
supply chain managemen and decision-making p ocedu es will become sma e and mo e
au onomous. This will esul in dis up i e indus ial p ocesses and ac o ies. In o de
o achie e his goal, la ge-scale da a ga he ing becomes an essen ial pilla , in ol ing he
deploymen o Indus ial IoT (IIoT) de ices [1].
The ealiza ion o Indus y 4.0 scena ios en ails ha indus ial da a and p ocesses
a e no longe bounded o he limi s o he ac o y. In such scena ios, he de ices and
applica ions deployed in he indus ial plan need o communica e wi h ex e nal en i ies,
such as X-as-a-So wa e se ices implemen ed in cloud p o ide s o applica ions loca ed in
he p emises o supplie s, se ice p o ide s, e c. Such an app oach opens he doo o an
immeasu able numbe o new oppo uni ies, bu i also esul s in he exposu e o indus ial
sys ems o new po en ial secu i y h ea s and a acks o igina ed in he In e ne . While he
secu i y issues ela ed o he connec ion o adi ional de ices (such as PCs, lap ops, se e s
o sma phones) o he In e ne ha e been s udied o yea s, indus ial applica ions and
de ices a e new o his wo ld. Addi ionally, adi ional secu i y mechanisms a e no always
di ec ly expo able o he indus ial en i onmen s due o pa icula cha ac e is ics o hese
Senso s 2022,22, 2561. h ps://doi.o g/10.3390/s22072561 h ps://www.mdpi.com/jou nal/senso s
Senso s 2022,22, 2561 2 o 38
en i onmen s such as he use o speci ic, and some imes p op ie a y, indus ial communica-
ion p o ocols and he long li e ime o indus ial sys ems, which migh implemen obsole e
so wa e and ope a ing sys ems, e c.
In his con ex , he case o IIoT de ices is especially c i ical, because hese de ices
equen ly suppo c ucial p ocesses. The e o e, he modi ica ion o he da a hey p o ide
o he una ailabili y o hese da a may ha e an impo an nega i e impac on he suppo ed
manu ac u ing p ocesses, such as he aul y manu ac u ing o p oduc s o s opping a man-
u ac u ing line. All o hese issues di ec ly imply impo an economical losses. Howe e ,
he p o ec ion o IIoT de ices is a challenging issue. Apa om he p e iously men ioned
di icul ies common o all indus ial sys ems, hey also imply addi ional challenges associ-
a ed wi h hei small memo ies and p ocessing capabili ies and he ac ha hey equen ly
ope a e on ba e ies, make use o wi eless communica ion mechanisms, and a e deployed in
places whe e human access is di icul ( o example, due o exposu e o ex eme condi ions
in manu ac u ing p ocesses).
In he In e ne , digi al ce i ica es and public key c yp og aphy ha e eme ged as he
backbone o scalable and eliable secu i y mechanisms. Howe e , he implemen a ion o
hese mechanisms in IIoT en i onmen s en ails impo an challenges. Public key c yp og a-
phy is by na u e highly esou ce consuming and, he e o e, i does no i he iny memo ies
and p ocesso s a ailable in small IIoT de ices. In his ega d, secu i y mechanisms based
on symme ic-key c yp og aphy a e be e sui ed o he cha ac e is ics o IIoT de ices, bu
hey lack scalabili y and, he e o e, hey a e no use ul o suppo he open, he e ogeneous
and lexible communica ion pa e ns equi ed by Indus y 4.0 p ocesses.
Apa om he issues associa ed wi h he ha dwa e limi a ions o he IIoT de ices
o be p o ec ed, he use o digi al ce i ica es and public key c yp og aphy also en ails
p oblems inhe en o he cen alized na u e o he cu en ly used Public Key In as uc u es
(PKI). On he one hand, adi ional Ce i ica ion Au ho i y (CA)-based cen alized PKIs
a e subjec o lack o us suspicions. As i will be explained in dep h in Sec ion 5, in he
cu en hie a chical CA a chi ec u e, based on a ee s uc u e as depic ed in Figu e 1, he
secu i y o he whole sys em depends on he secu i y o he high-le el CAs. The e o e,
i any elemen o he ee is comp omised, he es o he b anches hanging om he
comp omised elemen a e au oma ically comp omised oo. Secu i y ulne abili ies can be
o a echnical na u e, such as in he case o malicious a acks o sloppy con igu a ions, bu
hey can also be he esul o o ganiza ions con olling CAs wan ing o snoop in o ci izens’
communica ions. On he o he hand, he expec ed massi e deploymen o IIoT de ices
aises new challenges o he cu en cen alized CA a chi ec u es which will s uggle o
suppo all hese new de ices.
In his con ex , he objec i e o his su ey pape is o s udy he challenges ha he
implemen a ion o public key c yp og aphic mechanisms in ol es o IIoT de ices and
o analyze al e na i e app oaches o add ess hem. The no el y o his su ey pape
lies in bo h he ype o conside ed mechanisms and he applica ion scena io. The e a e
p e ious pape s ha su ey he implemen a ion o se e al ypes o c yp osys ems [
2
,
3
]
and au hen ica ion mechanisms [
4
,
5
] in IoT scena ios. Howe e , nei he o hem s udies
he di e en issues associa ed wi h he implemen a ion o public key mechanisms, and
besides his, no p e ious wo k conside s he speci ic con ex o indus ial scena ios. In his
ega d, he e a e some issues ha a e common o all IoT de ices, and o he s speci ic o
he indus ial en i onmen s and he used p o ocols and communica ion a chi ec u es. Fo
his eason, a e in oducing he cha ac e is ics o indus ial communica ions, he pape
is s uc u ed so ha in Sec ions 3–5, he limi a ions common o all IoT de ices a e i s
s udied and al e na i e app oaches assessed. Then, his analysis is e isi ed in ligh o he
indus ial communica ion p o ocols and en i onmen s.
Senso s 2022,22, 2561 3 o 38
Roo
CA
In e media y
CAs
Issuing
CAs
Digi al
ce i ica e
holde s
Figu e 1. T adi ional Ce i ica ion Au ho i y hie a chy.
The es o he pape is s uc u ed as ollows: Sec ion 2p esen s he mos common
communica ion p o ocols in indus ial scena ios and he implemen ed secu i y mechanisms
and ex ac s common cha ac e is ics. Nex , Sec ion 3s udies he mechanisms p oposed
so a o make Da ag am T anspo Laye Secu i y (DTLS) connec ions easible in IoT
de ices and analyzes he applicabili y o he s udied al e na i es in indus ial en i onmen s.
Sec ion 4, in u n, assesses he possibili y o using A ibu e-Based Enc yp ion (ABE) as an
al e na i e o adi ional public key enc yp ion in en i onmen s ha in ol e IoT de ices,
and mo e speci ically, in indus ial communica ion scena ios. Simila ly, Sec ion 5, s udies
he applicabili y o blockchain o eplace he cu en cen alized PKIs and i s easibili y in
indus ial con ex s. Then, Sec ion 6p esen s an in-dep h compa a i e analysis o all he
s udied app oaches and inally, Sec ion 7ga he s he main conclusions o he pape .
2. Indus ial Communica ion P o ocols
In his sec ion, he speci ici ies o indus ial communica ion p o ocols a e p esen ed in
o de o de ine he cha ac e is ics o indus ial communica ion scena ios.
O e all, indus ial communica ion ne wo ks a e mainly based on Supe iso y Con-
ol and Da a Acquisi ion (SCADA) sys ems aimed a con olling indus ial p ocesses by
moni o ing, ga he ing and p ocessing eal- ime da a. SCADA sys ems consis o so wa e
and ha dwa e elemen s whe e usually P og ammable Logic Con olle s (PLCs) o Remo e
Te minal Uni s (RTUs) communica e wi h a se o elemen s deployed in he indus ial plan ,
such as machine ools, senso s, ac ua o s, e c. The PLCs and RTUs implemen SCADA so -
wa e o ou e he in o ma ion ga he ed om hese elemen s o compu e s unning SCADA
so wa e, which p ocesses and displays he da a in a way ha is easily unde s andable by
human ope a o s and helps hem o make impo an decisions. Figu e 2shows he o e all
a chi ec u e o a SCADA sys em.
Senso s 2022,22, 2561 4 o 38
Senso s,
machine
ools,
ac ua o s,
e c PLCs
o
RTUs
SCADA
sys ems:
da a
s o age,
p ocessing,
isualiza ion,
e c
Figu e 2. Basic a chi ec u e o a SCADA sys em.
Among he mos popula p o ocols cu en ly used in TCP/IP-based SCADA sys ems,
he ollowing can be highligh ed: AMQP, MQTT, XMPP, Modbus TCP, OPC UA and CoAP.
Nex , hese p o ocols a e b ie ly desc ibed.
The i s e sions o he Ad anced Message Queuing P o ocol (AMQP) ( e e ed o
as AMQP 0-9-1) cons i u e a messaging p o ocol s ongly based on he use o middlewa e
b oke s, whe e hese b oke s ou e messages ecei ed om publishe s o consume s. How-
e e , he la es e sion o AMQP, known as AMQP 1.0 [
6
], comp ises impo an di e ences
wi h espec o p e ious speci ica ions o he p o ocol, being he mos ele an one due
o he ac ha i does no de ine a b oke . This la es e sion o he p o ocol is he only
one s anda dized by OASIS and ISO/IEC, and i ocuses on he messaging laye , ha is,
on how da a is ans e ed on he wi e. In his way, he p o ocol becomes open o al e na-
i e implemen a ions ega ding message ou ing and handling, and hus, in e ope abili y
and secu i y a e easie o achie e. Rega ding secu i y, AMQP suppo s enc yp ion only
o enc yp ion and au hen ica ion, based on X.509 [
7
] ce i ica es, by means o T anspo
Senso s 2022,22, 2561 5 o 38
Laye Secu i y (TLS) [
8
]. I also suppo s mul iple au hen ica ion mechanisms by means o
Simple Au hen ica ion and Secu i y Laye (SASL)
[9]
, such as anonymous, plain - ex and
MD5-digges . The ull lis o a ailable SASL mechanisms is a ailable a [10].
Message Queuing Teleme y T anspo (MQTT) is a ligh weigh and easy- o-implemen
messaging p o ocol, open OASIS [
11
] and ISO s anda d (ISO/IEC 20922) [
12
], ha wo ks
acco ding o a publish-subsc ibe pa adigm. The MQTT p o ocol de ines wo ypes o
en i ies: clien s and b oke . Usually, an MQTT b oke is a se e and MQTT clien s a e he
de ices ha connec o his se e ei he o send da a (publish) o o ecei e i (subsc ibe).
To enable he ope a ion o he MQTT p o ocol, sessions a e es ablished be ween he b oke
and he clien s. Al hough MQTT implemen s an au hen ica ion phase du ing he session
es ablishmen , he secu i y le el achie ed wi h his unc ionali y is e y limi ed since use -
names and passwo ds a e sen in clea ex . The e o e, MQTT is usually implemen ed o e
SSL/TLS sessions. Ne e heless, MQTT does no implemen any mechanism o con ol
who can publish in o ma ion in he b oke o o allow a message ecei e o au hen ica e
he o igin o a message, unless ha in o ma ion is con ained in he ac ual message payload.
Cu en ly, hese secu i y ea u es, a e implemen ed when needed on op o MQTT by
means o p op ie a y, ou -o -band messages, which esul s in inc easing he code oo p in
and making implemen a ions mo e complex.
Ex ensible Messaging P esence P o ocol (XMPP) is a s anda d p o ocol o he IETF [
13
]
designed o he s eaming o XML elemen s o e a ne wo k, in o de o achie e in e ac i e
exchange o messages and p esence in o ma ion (such as “a ailable”, “o line”, “busy” and
any o he de ined by he use wi h he p esence s anza) in a close o eal- ime ashion.
This p o ocol is based on a decen alized clien -se e a chi ec u e and i wo ks acco ding
o a publish-subsc ibe mechanism. Clien s ha e unique names and communica e wi h
o he clien s by means o an in e media y XMPP se e . In o de o p o ide his ou ing
unc ionali y be ween sou ce and des ina ion clien s belonging o di e en domains, XMPP
se e s can also communica e among hem. Apa om XMPP clien s and se e s, XMPP
ga eways may also exis , wi h he aim o ansla ing be ween XMPP and o he messaging
p o ocols ( o example, SMS o SMTP). Fo he c ea ion o XMPP s eams be ween a gi en
clien and se e , XMPP sessions mus be es ablished, which include an au hen ica ion
phase. XMPP suppo s di e en ypes o au hen ica ion mechanisms, including plain- ex
au hen ica ion, MD5 message-digges based au hen ica ion, Ke be os o he use o special
okens. A e his au hen ica ion phase, TLS is used o enc yp XMPP s eams.
Modbus [
14
] was o iginally designed by Modicon in 1979 o con ol and ga he da a
om i s ange o PLCs. Being a public and easy o use p o ocol ha equi es li le de elop-
men , Modbus was apidly widesp ead, and i became a de ac o s anda d o indus ial
communica ions. Cu en ly, i is he mos widely used p o ocol o he in e connec ion o
indus ial elec onic de ices and in o de o allow unning Modbus o e TCP/IP ne wo ks,
Modbus TCP was c ea ed. Modbus ope a es in a eques – esponse mode based on a mas e -
sla e a chi ec u e, whe e he mas e is always esponsible o ini ia ing he communica ion,
sending a eques , and wai ing o he esponse om he sla e de ice. Modbus has a
secu e e sion known as Modbus TCP Secu i y. In his secu e e sion, he p o ocol heade
is encapsula ed o e TLS, p o iding he capaci y o implemen pee au hen ica ion and
au ho iza ion, as well as ame con iden iali y and in eg i y p o ec ion. Au hen ica ion and
au ho iza ion a e achie ed by he use o X.509 3 ce i ica es wi h ex ensions o con ey oles,
which a e la e used o implemen Role Based Access Con ol (RBAC). The au ho iza ion
ules a e speci ically designed by each use .
OLE o P ocess Con ol Uni ied A chi ec u e (OPC UA) is an imp o emen o he
OPC p o ocol, which was designed o communica e da a secu ely in indus y as well as
in o he sec o s. I is an open s anda d [
15
] pla o m de eloped by he OPC Founda ion.
OPC UA can wo k on a clien /se e a chi ec u e o on a publishe /subsc ibe model and
i has been designed so ha i can be anspo ed o e mul iple exis ing p o ocols, such
as SOAP, HTTP, HTTPS o di ec ly TCP. The OPC UA da a model is based on “objec s”,
whe e an objec can be any hing om a simple piece o in o ma ion o a whole p ocedu e,
Senso s 2022,22, 2561 6 o 38
a complex sys em o an en i e plan . OPC UA has been designed wi h secu i y in mind and
has de ence in-dep h implemen ed in he di e en laye s o he a chi ec u e. Secu i y in
OPC UA can be di ided in o h ee majo blocks: T anspo Laye Secu i y, Communica ion
Laye Secu i y and Applica ion Laye Secu i y. A he anspo laye , TCP is used and
secu i y is based on s anda d TLS. On op o his, he communica ion laye implemen s
applica ion au hen ica ion and message in eg i y and con iden iali y. Applica ion au hen i-
ca ion is based on PKI in as uc u es, whe e clien s and se e s exchange X.509 ce i ica es.
Once clien s and se e s es ablish a us ed ela ionship, hey build a secu e channel a he
communica ion laye . On op o his secu e channel, OPC UA implemen s a use au hen i-
ca ion mechanism based on a use oken. The oken o ma is di e en depending on he
implemen ed applica ion le el au hen ica ion mechanism. Cu en ly OPC UA suppo s
ou ypes o use au hen ica ion: anonymous, use name/pass, x.509 3 ce i ica e, bina y
oken issued by an ex e nal au hen ica ion se ice. This in o ma ion is hen used o en o ce
access con ol mechanisms. Messages can also be enc yp ed o in eg i y p o ec ed a he
applica ion laye . This mechanism is based on g oup keys sha ed by subsc ibe s, which
ha e o access a gi en secu ed con en . Keys can be p e-sha ed o line o managed by a
cen al se e , such as Ke be os.
Cons ained Applica ion P o ocol (CoAP) is an IoT p o ocol, s anda dized by he
IETF [
16
], and mainly designed o Machine-To-Machine (M2M) communica ion. The
p o ocol is based on an asynch onous message exchange, and i suppo s URIs, p oxies and
caching capabili ies, ollowing an app oach simila o HTTP. CoAP is based on a clien -
se e model whe e clien s send asynch onous messages o se e s and wai o a esponse.
Fo hese in e ac ions GET, PUT, POST and DELETE me hods a e suppo ed. CoAP uns
o e UDP, and he e o e, DTLS is equen ly used o p o ide secu i y o CoAP communica-
ions. Usually, DTLS capable CoAP en i ies suppo RSA o ECDSA o au hen ica ion and
AES o enc yp ion.
Table 1summa izes he main cha ac e is ics o he e iewed indus ial communi-
ca ion p o ocols. As shown in Table 1, indus ial communica ions include wo ypes o
e y dis inc communica ion pa e ns: (1) Pee o pee (clien -se e ) a chi ec u es, whe e
in o ma ion p oduce s and consume s es ablish a di ec end- o-end communica ion. In
such cases, any ope a ion, such as p o iding ce ain in o ma ion o pe o ming an ac ion,
is only s a ed as a esponse o a que y sen by he clien pee . (2) B oke ed communica ion
a chi ec u es, whe e in o ma ion p oduce s and consume s do no es ablish a di ec end- o-
end communica ion. Ins ead, a b oke is used as an in e media y. The e o e, publishe s
eed in o ma ion o he b oke and consume s ead his in o ma ion om he b oke . In
his case, wo end- o-end communica ions a e es ablished, one be ween he publishe
and he b oke , and ano he one be ween he b oke and he consume . In he case o
b oke ed communica ions, wo ope a ional modes a e possible: push ope a ional mode,
whe e messages a e pushed o all subsc ibed consume s, and pull ope a ional mode, whe e
he b oke only sends messages o consume s upon eques om hei pa .
Rega ding secu i y, mos indus ial communica ion p o ocols ely on anspo laye
secu i y (TLS o DTLS depending on he anspo laye p o ocol being used) based on
public key c yp og aphy and digi al ce i ica es. In he case o b oke ed communica ions,
as wo independen anspo laye communica ions a e implemen ed o allow ou ing o
messages om publishe o subsc ibe by means o he b oke , p o ec ing in o ma ion a
he anspo laye means ha his in o ma ion will be unp o ec ed o some ime a he
in e media y b oke .
Taking in o accoun ha mos indus ial communica ion p o ocols ely on TLS/DTLS
o secu i y, speci ically DTLS in he case o wi eless UDP-based IoT de ices, he nex
sec ion will analyze how his p o ocol can be e icien ly implemen ed in IoT en i onmen s.
Then, he speci ic conce ns ega ding IIoT scena ios will be conside ed. Addi ionally, as
TLS/DTLS handshake is mos equen ly based on he exchange o X.509 digi al ce i ica es,
he impac o hese ce i ica es and he PKIs used o suppo hei li e cycle managemen in
IoT and IIoT scena ios will also be s udied.
Senso s 2022,22, 2561 7 o 38
Table 1. Summa y o indus ial communica ion p o ocols.
AMQP 1.0 MQTT XMPP OPC UA Modbus TCP CoAP
Yea 2011 1999 1999 2006 1979 2010
Communica ion
A chi ec u e Pee - o-pee o b oke ed
B oke ed: clien de ices
publish/subsc ibe in he
se e (b oke )
B oke ed: clien de ices
publish/subsc ibe in he
se e (b oke )
Clien -se e : clien s (HMI,
SCADA) di ec ly que y
se e s (indus ial de ices)
Mas e /sla e: Mas e s
(HMI, SCADA) di ec ly
que y sla es (indus ial
sys ems)
Clien -se e (IoT de ices
migh ac as clien s o
se e s).
Mul icas
communica ions also
suppo ed
Communica ion
Model PubSub (push o pull) PubSub (push) PubSub (push)
Two al e na i es:
- PubSub (push).
- Que y/ esponse
Reques / esponse Reques / esponse
In e media y
Dn i y
Op ional b oke (queues
and bindings o dis ibu e
messages o queues).
The b oke is manda o y
in p e ious e sions
B oke (Se e )
XMPP se e .
XMPP GW o ansla e o
o he messaging
p o ocols
7 7
Op ional: p oxies,
caching, ga eways o
o he p o ocols, e c.
T anspo Laye TCP, UDP and SCTP TCP, UDP and SCTP TCP SOAP, HTTP, HTTPS, TCP,
UDP, e c. TCP UDP
Secu i y
TLS/DTLS and X.509
ce i ica es o pee
au hen ica ion:
enc yp ion only o
enc yp ion and
au hen ica ion.
Ex ensible au hen ica ion:
SASL (anonymous,
plain ex ,
digges -MD5, e c.)
TLS/DTLS and X.509
ce i ica es o
clien /se e
au hen ica ion
TLS and X.509 ce i ica es
o clien -se e
au hen ica ion.
Ex ensible au hen ica ion:
SASL (plain ex ,
digges -MD5,
Ke be os e c.)
T anspo Laye :
- Based on PKIs and X.509
ce i ica es.
- Sign o sign and enc yp .
Applica ion laye :
- o e he secu e channel
es ablished in he aspo
laye .
- End use au hen ica ion
based on okens (depending
on au hen ica ion
mechanism used)
- G oup keys (one publishe ,
many subsc ibe s)
TLS and X.509 ce i ica es.
Pee au hen ica ion and
au ho iza ion, by means
o oles con eyed in
ce i ica e ex ensions.
F ame con iden iali y and
in eg i y
DTLS and X.509
ce i ica es.
Pee au hen ica ion and
ame in eg i y and
con iden iali y.
OSCORE o end o end
con iden iali y and
au hen ici y
Senso s 2022,22, 2561 8 o 38
3. A o dable DTLS o IIoT De ices
As al eady men ioned, cu en solu ions o enable scalable au hen ica ion se ices
wo ldwide ely hea ily on CA-based cen alized PKIs. This is also he basis o he well-
known TLS p o ocol [
8
]. DTLS has been c ea ed as an a emp o adap o he IoT wo ld
and he widesp ead TLS p o ocol, and hus, o p o ide a s anda d secu i y laye o IoT
applica ion le el p o ocols. In ac , DTLS has al eady become a building block o IoT
secu i y. Ne e heless, i mus be conside ed ha he secu i y le el p o ided by bo h
TLS and DTLS depends on he secu i y le el o he implemen ed c yp osys ems. Fo his
eason, cu en ly obus c yp osys ems ailo ed o he e iciency needs o IoT de ices a e
being p oposed, such as
[17,18]
. Addi ionally, quan um compu ing poses a special h ea
o TLS and DTLS communica ions, especially Sho ’s
[19]
and G o e ’s
[20]
algo i hms.
In o de o ace he h ea o quan um compu ing o cu en secu i y mechanisms, NIST
(Na ional Ins i u e o S anda ds and Technology) p oposed a con es o s anda dize pos -
quan um c yp og aphic algo i hms. A his ime, he hi d ound is in p og ess wi h only
15 candida es om he 69 s a ing ones, looking o wa d o he ou h and las ound o
he con es .
In he es o his sec ion, i s , he ope a ion o he la es e sion o DTLS (DTLS
1.3) is explained and hen, he mos ele an app oaches o make DTLS a o dable o
esou ce-dep i ed IoT de ices a e analyzed.
3.1. DTLS Fundamen als
DTLS aims o be a p o ocol equi alen o TLS, bu o e da ag am-based communica-
ions, such as UDP o Da ag am Conges ion Con ol P o ocol (DCCP). The e o e, DTLS is
simila o TLS, bu i has o sol e some p oblems inhe en o da ag am-based communica-
ions, such as packe losses and ou -o -o de a i al o packe s. To deal wi h packe losses,
DTLS implemen s a mechanism based on ime s and e ansmissions, which a e igge ed
whene e he co esponding esponse has no been ecei ed be o e he ime expi es. Wi h
espec o eo de ing, his issue is add essed by using sequence numbe s and main aining
a sequence- ela ed s a e in he communica ing pee s. When one o he pee s ecei es a
message, he ecipien pee compa es he sequence numbe wi hin he message wi h he
expec ed sequence numbe . I he ecei ed message is he nex message expec ed by he
pee , he message is p ocessed. I he ecei ed message is a u u e message, he ecipien
pee s o es he ecei ed message o la e p ocessing once all p e ious messages ha e been
ecei ed. I he ecei ed message is an old message, he message is disca ded.
DTLS ollows he same s uc u e as TLS and i is also based on a wo-laye a chi ec u e,
wi h wo main p o ocols: he DTLS handshake p o ocol and he DTLS eco d p o ocol.
The handshake p o ocol p o ides mu ual au hen ica ion as well as mechanisms o he
nego ia ion o secu i y se ings and c yp og aphic keys. Then, he DTLS eco d p o ocol
makes use o he c yp og aphic sui es and ma e ial nego ia ed in he handshake phase o
enc yp and au hen ica e, by means o Message Au hen ica ion Codes (MACs), indi idual
packe s. Figu e 3shows he DTLS 1.3 handshake exchange in which mu ual au hen ica ion
is achie ed by means o digi al ce i ica es and a mechanism based on Di ie–Hellman is
used o key exchange.
Senso s 2022,22, 2561 9 o 38
Enc yp ed/au hen ica ed
applica ion
da a
Key
Sha e
Gene a ion
Clien Hello
HelloRe yReques
Clien Hello
+
Cookie
S a eless
Cookie
Gene a ion
Key
Sha e
Gene a ion
Se e Hello
Sec e
Sha ed
Handshake
Key
Compu a ion
Sec e
Sha ed
Handshake
Key
Compu a ion
Enc yp edEx ensions
Ce i ica eReques
Ce i ica e
Ce i ica e
Ve i y
Finished
Ce i ica e
Ce i ica e
Ve i y
Finished
Ack
Da a
enc yp ion/
au hen ica ion
sha ed
sec e
key
Compu a ion
Da a
enc yp ion/
au hen ica ion
sha ed
sec e
key
Compu a ion
Figu e 3. Message exchange o he DTLS 1.3 handshake p o ocol.
DTLS e sion 1.3 implies impo an di e ences wi h espec o p e ious e sions o
he p o ocol. On he one hand, i allows imp o ing e iciency by using sho e messages;
on he o he hand, i also enhances secu i y, by emo ing weak c yp og aphic p imi i es
and including new s onge secu i y mechanisms.
As shown in Figu e 3, he DTLS 1.3 handshake is based on a sequence o message
ligh s. To s a he DTLS handshake, he clien sends a Clien Hello message o he se e . In
his message, he clien speci ies he ciphe sui es i suppo s, i s public key pa ame e s and
key sha es o he Di ie–Helmman key exchange. Op ionally, he se e may espond wi h
aHelloRe yReques message, which con ains a esh s a eless cookie gene a ed by he se e
in eal ime. When he clien ecei es his message, i mus e ansmi he Clien Hello, bu
his ime wi h he cookie added as an ex ension. When ecei ing he e ansmission o he
Clien Hello, he se e e i ies he cookie and only i he ecei ed cookie is co ec , he se e
esponds wi h a Se e Hello message, which con eys he se e ’s key sha e and speci ies he
selec ed secu i y sui e. The message exchange associa ed wi h he s a eless cookie a oids
DoS a acks wi h spoo ed IP add esses. Howe e , i is no e ec i e o p o ec om DoS
a acks o igina ed om alid IP add esses. A his poin , key sha es ha e been exchanged,
Senso s 2022,22, 2561 16 o 38
Table 3. Summa y o comp ession-based app oaches.
Au ho Comp essed Elemen s Comp ession Mechanisms Compa ibili y wi h Cu en PKIs Achie ed Ta ge ed Resou ce
Raza e al. [36] DTLS handshake and eco d p o ocol heade s New bi sequence o he 6LoWPAN NHC X62–75% C2–C2++
Cha an e al. [39]DTLS Clien Hello,Se e Hello and Reco d p o ocol
heade s 6LoWPAN NHC X58–75% C2–C2++
Schuka e al. [40] X.509 ce i ica es Sel -desc ip i e ca d e i iable ce i ica es and
a oid ASN.1 encoding 7No Speci ied No speci ied
Kwon e al. [41,42] X.509 ce i ica es CBOR encoding and emo al o ields wi h
implici ly known alues
XComp ession/ econs uc ion a he IoT bo de
ou e 37% C2–C2++
Ma ino e al. [34] X.509 ce i ica es Replaced by URI o he ull ce i ica e 770% C2
Hoglund e al. [44] X.509 ce i ica es CBOR encoding and emo al o ields wi h
cons an alues acco ding o he de ined p o ile
X
Comp ession/decomp ession a he 6LoWPAN
bo de ou e >50% C2–C2++
Senso s 2022,22, 2561 17 o 38
Rega ding he di e en communica ion models exis ing in indus ial en i onmen s, in
he case o b oke ed indus ial communica ion a chi ec u es, no di ec end- o-end connec-
ion exis s be ween he IIoT de ice, ac ing no mally as publishe , and he consume o he
indus ial in o ma ion (no mally a Human–Machine In e ace (HMI) o a SCADA sys em).
The e o e, he mos sui able solu ion in his case would be o op o an app oach simila
o G anjal e al.’s [
21
] p oposal, whe e wo independen DTLS sessions wi h di e en
cha ac e is ics a e es ablished. The communica ion be ween he b oke and he esou ce
expensi e consume could be p o ec ed using ce i ica e-based DTLS, wi hou he need
o handshake delega ion. On he o he hand, he communica ion be ween IIoT de ices
and he b oke should be p o ec ed using a mechanism ailo ed o he capaci ies o he
p o ec ed IIoT de ices, which migh be PSK-based DTLS. The dis ibu ion o PSKs in his
case, whe e all he pa icipa ing en i ies belong o he same adminis a i e domain, should
no imply a big challenge.
In he case o clien –se e communica ion a chi ec u es, whe e he DTLS session is
es ablished end- o-end di ec ly be ween he IIoT de ice and he ex e nal consume , DTLS
delega ion and heade comp ession mus be en o ced when he IIoT de ice has se e e
esou ce cons ain s. In his case, he bes op ion would be o op o a lexible delega ion
mechanism, such as he wo ks p oposed in [
32
–
34
], whe e he delega ed ope a ions can be
adjus ed depending on he speci ic capaci ies o each p o ec ed IIoT de ice. Rega ding he
en i y and whe e o delega e handshake and comp ession asks, he op imal place would
be he IIoT bo de ga eway ha in e connec s he IIoT ne wo k and he es o he ac o y
ne wo ks. This mus be a us ed en i y ha sha es a us ela ionship wi h all IIoT de ices.
In o de o implemen delega ion and comp ession asks, he IIoT ga eway will usually
ely on home-made and ailo ed so wa e implemen a ions, which a e di icul o main ain
and o keep up o da e wi h he la es secu i y pa ches. Addi ionally, i i is op ed o a ull
DTLS handshake delega ion, he IIoT de ices’ p i a e keys mus be communica ed o his
IIoT bo de ga eway. Fo all hese easons, special secu i y mechanisms mus be applied
o p o ec i , such as ha dening, as i becomes an especially ulne able en i y ha owns
ac o y-c i ical in o ma ion.
4. Public Key Enc yp ion in B oke ed Communica ions
F equen ly, indus ial scena ios a e based on he deploymen o a high numbe o
IIoT de ices ha pe asi ely ga he da a abou he en i onmen and abou he ac ual
manu ac u ing p ocesses. These da a a e hen consumed by mul iple applica ions wi h
di e en pu poses, such as he moni o ing o a speci ic manu ac u ing p ocess o doing
some business analy ics. In such con ex s, he p o ec ion o his in o ma ion by means o
adi ional ce i ica e-based public key c yp og aphy implies pe o ming he ce i ica e
exchange, key au hen ica ion and enc yp ion ope a ions indi idually o each endpoin .
When IIoT de ices a e massi ely deployed, he p o ec ion o IIoT communica ions in such
a adi ional way could o e load he IIoT ne wo k and he ac ual IIoT de ices.
In such scena ios, al e na i e enc yp ion mechanisms such as ABE, would be p e e ed.
ABE [
46
] en ails a no el c yp og aphic app oach which emo es he necessi y o digi al
ce i ica es. ABE has been c ea ed as an e olu ion o Iden i y-Based Enc yp ion (IBE).
This asymme ic c yp og aphic schema was p oposed by Shami in 1984 [
47
] and i s
main goal was o a oid he necessi y o a cen alized PKI o link iden i ies wi h hei
co esponding public keys. The idea o achie e his goal is e y simple: use as he public
key he di ec iden i y o he ecipien ( o example, hei email add ess). Acco ding o his
app oach, anyone can send a con iden ial message o an in ended ecipien wi hou needing
o download and check digi al ce i ica es, jus by using he des ina ion’s iden i y as a
public key. The i s ully- unc ional IBE implemen a ion was no a ailable un il 17 yea s
a e he idea was in oduced, and i was de eloped by Boneh and F anklin [
48
]. No long
a e wa ds, in 2004, Ami Sahai and B en Wa e s [
46
] de eloped a new c yp osys em which
gene alized his app oach. They called hei sys em Fuzzy Iden i y-Based Enc yp ion, bu
i is mo e widely known as A ibu e-Based Enc yp ion (ABE).
Senso s 2022,22, 2561 18 o 38
In ac , ABE is a pa icula ype o asymme ic enc yp ion schema whe e public/p i a e
key pai s a e no andomly gene a ed. Ins ead, he public key is speci ically de ined acco d-
ing o a policy o a ibu e se . Then, mul iple p i a e keys a e gene a ed ha would dec yp
he co esponding public key, one o each o he in ended ecipien s o he con iden ial
communica ion. The e o e, ABE is an enc yp ion mechanism ha sui s he cha ac e is ics o
b oke ed communica ions in indus ial scena ios: i emo es he necessi y o main aining a
cen alized PKI hie a chy and i allows including an access policy in he enc yp ed da a,
so ha he same enc yp ed da a can be dec yp ed by mul iple des ina ions ha ma ch he
access policy.
4.1. Fundamen als o ABE
ABE gene alizes he basic concep in oduced by IBE, whe e he public key used
o enc yp con iden ial da a is somehow linked o he iden i y o he in ended ecipien .
The undamen al concep o ABE is o use as he enc yp ion public key a se o a ibu es
ha would de ine an in ended g oup o ecipien s. Any use wi h a gi en numbe o
he equi ed a ibu es is able o ob ain he necessa y p i a e key o dec yp he message.
The e o e, ABE is especially sui able o si ua ions whe e con iden ial in o ma ion mus by
dis ibu ed o a g oup o use s, since i a oids he necessi y o dis ibu ing and managing
g oup keys, and he issues linked o hem, such as e oca ion when a use is no longe a
membe o he en i led g oup.
Cu en ly, he concep o ABE ga he s wo di e en app oaches: Key-Policy A ibu e-
Based Enc yp ion (KP-ABE) [
49
] and Ciphe ex -Policy A ibu e-Based Enc yp ion (CP-
ABE) [
50
]. Bo h al e na i es use an access ee o de ine an access policy using a ibu es.
In KP-ABE, he use s’ p i a e keys a e associa ed wi h an access policy, which may be
any mono onic ee, and he public key is associa ed wi h an a ibu e se . A use is able
o dec yp he ciphe ex i i s access policy is sa is ied by he a ibu es embedded in
he ciphe ex . The e o e, KP-ABE has one big disad an age: he en i y enc yp ing a
con iden ial message canno decide on he access policy o his message, and he e o e,
on who will be able o dec yp he con iden ial message. As a consequence, da a owne s
ha e o us he p i a e key issue when c ea ing he co esponding p i a e keys. In
CP-ABE, ins ead, he app oach is he con a y: he use s’ p i a e keys a e associa ed wi h
an a ibu e-se and he public key is associa ed wi h he access policy. The e o e, he
con iden ial da a owne s a e able o de ine he access policy ha will en i le access o he
enc yp ed da a. CP-ABE schemes ely on A ibu e Au ho i ies (AAs) o p o ide each
use wi h a p i a e key embedding he se o a ibu es co esponding o ha speci ic
use . The e o e, a co ne s one o CP-ABE c yp og aphy is a cen alized TTP known as he
AA. Use s au hen ica e o he AA and eques a p i a e key associa ed wi h hei se o
a ibu es.
As dependence on a single cen alized en i y migh be a weakness o he sys em
and migh make scalabili y di icul , many app oaches use mul iple AA en i ies and as
a esul , single-au ho i y and mul i-au ho i y ABE schemes
[51,52]
can be dis inguished.
In a single-au ho i y ABE scheme, he e is a single cen al AA en i y in o de o manage
a ibu es and issue he co esponding p i a e keys o he use s. In mul i-au ho i y ABE
schemes, hese asks a e dis ibu ed among a se o AA en i ies.
One o he main disad an ages o ABE c yp og aphy, and especially o CP-ABE, is
ha i is highly esou ce consuming, and he e o e, slow. This is especially c i ical in
IoT en i onmen s, due o he esou ce cons ain s o he in ol ed de ices. The e o e,
some au ho s [
53
] ha e p oposed o use ABE o nego ia e a g oup key in a dynamic
and au hen ica ed way. This g oup key will hen be used o e icien ly p o ec u he
communica ions wi hin he g oup. The mos expensi e ope a ion is c ea ing a “policy
ee”, and he e o e, CP-ABE is especially slow in dec yp ion ope a ions. As a gene al
es ima ion, ABE cons uc ions a e abou 20 imes slowe han adi ional asymme ic
enc yp ion. The eason o his is he execu ion o se e al pai ing unc ions ela ed o he
speci ic ma hema ical cons uc used in ABE: he Weil Pai ing. Addi ionally, he dec yp ion
Senso s 2022,22, 2561 19 o 38
ope a ion implies he execu ion o a numbe o pai ing ope a ions ha inc ease wi h he
numbe o a ibu es in ol ed in he access policy. Tha is why dec yp ion is he mos
consuming and he slowe pa o ABE.
In o de o educe he dec yp ion cos o ABE, se e al au ho s p opose o implemen
cons an a ibu es, he e o e elying on a cons an numbe o bilinea ope a ions. Fo
example, e . [
54
] p oposes a cos e ec i e CP-ABE enc yp ion scheme sui able o mobile
IoT de ices. In he p oposed schema, bo h he size o sec e keys and he size o ciphe ex s
emain cons an and i does no use bilinea maps, bu con en ional public-key c yp osys-
ems, which a e adically cheape om he esou ce consump ion poin o iew. Simila ly,
in [
55
], he au ho s p opose a new cons an size h eshold signc yp ion scheme based on
ABE. The signc yp ion mechanism combines a no el a ibu e-based signa u e mechanism
wi h he enc yp ion mechanism in o de o educe he compu a ional cos compa ed o
he op ion o pe o ming bo h ope a ions one a e he o he . The p oposal is o ien ed o
p o ec he con iden iali y and au hen ici y o da a sha ed wi h a dynamic g oup o use s
in cloud s o age en i onmen s. One o he bene i s o he p oposed mechanism is ha he
leng h o he signc yp ed message g ows linea ly wi h he numbe o a ibu es used o
signc yp ion. Howe e , he men ioned app oaches a e based on h eshold o conjunc i e
access policies, and he e o e, he achie ed exp essi eness is limi ed.
An al e na i e app oach o educe dec yp ion wo k on esou ce-dep i ed de ices is o
delega e expensi e ope a ions o he dec yp ion p ocess on a semi- us ed hi d pa y. This
app oach was i s p oposed by G een e al. [
56
] in 2011. The main idea o hei p oposal is
o delega e mos o he ABE- ela ed dec yp ion wo k in a cloud-based ex e nal en i y. Fo
his aim, he IoT de ice gene a es a ans o ma ion key om i s sec e key and sha es i
wi h a semi- us ed cloud se e . The cloud se e pa ially dec yp s he ABE-enc yp ed
ciphe ex by using he ans o ma ion key and p o ides he IoT de ice a sho e and
pa ially dec yp ed ciphe ex , which he IoT de ice can dec yp in jus one exponen ia ion
ope a ion.
G een e al.’s app oach is simila o he p oxy e-enc yp ion concep [
57
,
58
] whe e an
un us ed p oxy is p o ided wi h a e-enc yp ion key and i is able o e-enc yp a ciphe ex
enc yp ed wi h a gi en key
K1
wi h a di e en key
K2
wi hou lea ning any hing abou
he con en o he p o ec ed message. This app oach is commonly known as ou sou ced
dec yp ion. In his case, i mus be gua an eed ha he semi- us ed hi d pa y is no able
o gain any in o ma ion abou he enc yp ed message du ing he pa ial dec yp ion p ocess
and ha i is no able o modi y he enc yp ed message and p o ide he use wi h a o ged
e sion o he o iginal message. Some app oaches ha e been in oduced o ensu e hese
secu i y p ope ies [59–61].
The wo k in [
62
] di e s om p e ious delega ion-based p oposals because i akes
in o accoun he indi idual con ex - ela ed pa ame e s, including he u iliza ion le el o
he IoT de ice, he amoun o a ailable esou ces, he complexi y o he access policy o
be used and he size o he da a o be enc yp ed. Thanks o a machine lea ning echnique,
he p oposed sys em is able o dynamically de e mine i he ull ABE enc yp ion could
be pe o med by he IoT de ice o i pa o hese asks should be o loaded o a mo e
powe ul en i y.
4.2. ABE as an Al e na i e o PKIs in IIoT
ABE o IBE schemes can be conside ed as an al e na i e o adi ional PKIs ha allow
he eliable u iliza ion o public key c yp og aphy wi hou he use o ce i ica es. In 2015,
Reimai e al. [
63
] iden i ied ABE as an al e na i e o acing he p oblems o cu en PKIs.
Howe e , as PKIs had al eady been widely deployed in indus y, he au ho s p oposed
a way o in eg a ing he bene i s o ABE in o cu en PKI sys ems. Wi h his aim, hey
p oposed o eplace cen alized CAs by a cen al Secu i y Module (SM), which e i ies
use s’ a ibu es and dec yp s messages o en i led use s. In his way, bo h endpoin s
a e able o use public key c yp og aphy wi hou needing o add ess iden i y managemen
and key au hen ica ion issues. As an al e na i e app oach o ha ing he SM dec yp ing
Senso s 2022,22, 2561 20 o 38
con iden ial in o ma ion, ABE could be used o enc yp a symme ic key used o enc yp
he ac ual con iden ial da a. In his case, since he SM does no ecei e he con iden ial
in o ma ion, has a ha de ime in ea esd opping on con iden ial da a.
On he o he hand, as a speci ic mechanism o eplace PKIs wi h ABE c yp og aphy,
he wo k in [
64
] p esen s a new signing and enc yp ion scheme o IoT, which a oids
he necessi y o e i ying public keys and s o ing pee s’ ce i ica es. In he p oposed
schema, he public key o he de ice co esponds o some iden i y in o ma ion and he
co esponding p i a e key is gene a ed by an ex e nal us ed en i y known as he P i a e
Key Gene a o (PKG) and communica ed o he IoT de ice by means o a secu e channel
es ablished ou -o -band. Fo he gene a ion o p i a e keys, he PKG owns a sys em
wide mas e sec e key. The signing and enc yp ion is pe o med in wo s eps, bo h o
hem pe o med by he IoT de ice. The i s s ep in ol es mos compu a ion expensi e
ope a ions and i is pe o med o line, be o e he ac ual message is known. The second s ep
ga he s compu a ions ha mus be ca ied ou once he message is known. The esul s o
he pe o mance e alua ion show ha i is sui able o a Raspbe y Pi B wi h a 900-MHz
Quad-co e ARM Co ex-A7 CPU and 512 MB RAM.
In o de o gua an ee end- o-end secu i y o da a in IoT applica ions, he au ho s in [
65
]
p opose o enc yp con iden ial da a wi h a symme ic key and o enc yp his symme ic
key using ABE. The enc yp ing en i y i s ga he s all he a ibu es o communica ing
en i ies and hen enc yp s he da a wi h he selec ed a ibu es, depending on which
des ina ions should ead he da a. In o de o be able o achie e ull g anula i y, he de ice
iden i y is always an a ibu e. The p o ided pe o mance e alua ion shows ha he
p oposed sys em uns adequa ely in a Raspbe y Pi B wi h a 700-MHz ARM11 CPU and
512 MB RAM.
Ta ge ing he speci ic In elligen T anspo Sys ems (ITS) con ex , he au ho s in [
66
]
p opose a hyb id secu i y a chi ec u e o Vehicula Ad hoc Ne wo ks (VANETs) ha
combines PKIs wi h ABE and an iden i y manage . PKI-based enc yp ion is used when
da a is sen o a single des ina ion and ABE is used when he message is sen o a g oup o
use s. To suppo he p oposed sys em, a new secu i y en i y is in oduced: he T us ed
Au ho i y. This T us ed Au ho i y is esponsible o gene a ing he ABE public pa ame e s
and he dec yp ion keys acco ding o he a ibu es claimed by use s. The ob ained esul s
show ha when he numbe o in ol ed ehicles is g ea e han wo, he ABE mode
achie es be e pe o mance han adi ional PKI-based enc yp ion.
Wi h a di e en applica ion scena io, he au ho s in [
67
] p opose a mechanism o
e icien ly sea ch wi hin da a enc yp ed wi h a public key. The ounda ion o he p oposed
sys em a e bilinea pai ings, he ma hema ical cons uc ion ha suppo s ABE. Con iden ial
da a is enc yp ed wi h a public key and keywo ds a e enc yp ed including policy-based
a ibu es (ABE). Fo he gene a ion o he co esponding p i a e keys, he concep o a Key
Gene a ion Cen e is in oduced.
Based on bilinea pai ings, Chien [
68
] p oposes a solu ion o mi iga e he p oblem
o he agg ega ed communica ion o e head gene a ed by he au hen ica ion p ocesses
o massi ely deployed IoT de ices. The solu ion is speci ically aimed a 3G and 4G
ne wo ks and he undamen al concep is ha each home ne wo k o ganizes i s managed
de ices in g oups and assigns each g oup an iden i y. Then, he au hen ica ion p ocess is
delega ed o he AP, which pe o ms i locally. The esul ing solu ion imp o es scalabili y
o au hen ica ion and key ag eemen in mobile ne wo ks.
Re . [
69
] p esen s an IBE-based secu i y a chi ec u e o IoT ne wo ks which p o ides
au hen ica ion, au ho iza ion and accoun ing, using each elemen ’s name as he public key.
In his way, a eliable link is es ablished be ween public keys and iden i ies wi hou he need
o CA-signed digi al ce i ica es. The pape p oposes a complex a chi ec u e model whe e
end IoT de ices a e connec ed o De ice Hos s and hese De ice Hos s communica e wi h
ex e nal en i ies by means o Ga eways. Based on his a chi ec u e, a double access con ol
schema is p oposed, whe e clien s a e i s au hen ica ed and au ho ized by Ga eways o
access a De ice Hos ; and hen, by he De ice Hos o access he end IoT de ice.
Senso s 2022,22, 2561 21 o 38
Rega ding he speci ic indus ial con ex , he wo k in [
70
] p oposes a secu e e sion
o MQTT based on KP/CP-ABE, whe e he MQTT b oke is in cha ge o p o iding pub-
lic/p i a e keys o publishe s and subsc ibe s a e egis a ion. The e o e, he MQTT
b oke ge s o know he p i a e keys o all he en i ies o he ne wo k.
The discussed implemen a ions o ABE as an al e na i e o PKI sys ems a e summa-
ized in Table 4.
4.3. Discussion on ABE as an Al e na i e o Cen alized PKIs
The use o ABE emo es he need o iden i y managemen o he p o ec ion o
con iden ial in o ma ion. Mo e speci ically, in CP-ABE, in o ma ion is enc yp ed acco ding
o an a ibu e-based access con ol policy, so ha only des ina ions ha own he necessa y
a ibu es a e able o dec yp he enc yp ed da a. The e o e, i emo es he need o exchange
CA-based ce i ica es. Howe e , a mechanism is needed o check he e aci y o he
a ibu es claimed by each en i y, in o de o assu e ha dec yp ion keys a e only p o ided
o en i led des ina ions. This is usually pe o med by means o he inclusion o some
cen al en i y o a ibu e e i ica ion and gene a ion o dec yp ion keys. Addi ionally,
in o de o check he a ibu es owned by each en i y, mos equen ly au hen ica ion
mechanisms a e used, linking a ibu es o au hen ica ed iden i ies. This au hen ica ion
could be pe o med by dis ibu ion o symme ic sha ed keys wi hin an o ganiza ion, o
example a ac o y; o by means o digi al ce i ica es, in a b oade con ex . In he la e case,
he iden i y managemen p oblem is mo ed om he esou ce-dep i ed IoT de ices o he
mo e powe ul a ibu e au ho i ies.
ABE is e y well sui ed o indus ial communica ions since i is especially adequa e
o communica ion scena ios whe e da a a e o be ead by mul iple des ina ion en i ies.
This is he case o pubsub o b oke ed indus ial communica ion models, whe e IoT de ices
publish da a in queues o which mul iple des ina ions could be subsc ibed. In hese cases,
he use o ABE a oids he need o enc yp ing in o ma ion wi h he public key o each
in ended des ina ion. Ins ead, in o ma ion is enc yp ed jus once, wi h he app op ia e
a ibu e-based access con ol policy, and all des ina ions ha ma ch he access con ol
policy will be able o ead i .
Addi ionally, ac ual end- o-end con iden iali y is gua an eed in b oke ed communica-
ions, as opposed o wha happens when common anspo laye secu i y p o ocols such
as TLS o DTLS a e used. In ac , as TLS and DTLS sessions end a he b oke , con iden ial
in o ma ion emains unp o ec ed he e, and he b oke is able o access his con iden ial
in o ma ion. Con e sely, since ABE is pe o med a he applica ion laye , he con iden ial
da a emains enc yp ed e en a he b oke , which will no be able o dec yp i unless i
complies wi h he access con ol policy. Figu e 5compa es end- o-end ABE enc yp ion o
DTLS-based anspo laye enc yp ion. As shown in Figu e
5
a, when ABE is used, da a
is enc yp ed jus once o all he in ended ecipien s. All he ecipien s whose a ibu es
ma ch he de ined enc yp ion access con ol policy a e able o dec yp he enc yp ed da a.
Addi ionally, da a emains enc yp ed du ing all he s ages o he ansmission pa h, e en
a he b oke . Ins ead, when anspo laye secu i y is used (as in Figu e
5
b), da a mus be
enc yp ed o each indi idual anspo laye connec ion, which esul s in da a dec yp ion
and e-enc yp ion a he b oke . The e o e, da a emains unenc yp ed o some ime in he
b oke , wi h he secu i y issues ha i en ails. Addi ionally, a he b oke , da a mus be
indi idually enc yp ed o each in ended inal ecipien .
Senso s 2022,22, 2561 22 o 38
Table 4. Summa y o app oaches based on using ABE as an al e na i e o PKIs.
Au ho Enc yp ion Mechanism Enc yp ion Con en Dec yp ion Secu i y wi h In e media y Thi d
Pa y Ta ge ed Resou ce
Reimai e al. [63] IBE/ABE Con iden ial message o symme ic
key used o enc yp con iden ial
message Pe o med by he secu i y module No speci ied PCs o Sma phones (HW
speci ica ions no de ailed)
Ting e al. [64] IBE Con iden ial message Gene a ed by a TTP: P i a e Key
Gene a o Secu e channel es ablished by
o line me hods
Raspbe y Pi B wi h a 900-MHz
Quad-co e ARM Co ex-A7 CPU
and 512 MB RAM
Choi e al. [65] CP-ABE Symme ic key used o enc yp
con iden ial message A ibu e ce i ica es issued by an
IoT CA Secu e channel es ablished by
o line me hods Raspbe y Pi B wi h a 700-MHz
ARM11 CPU and 512 MB RAM
Gonçal es e al. [66] ABE Symme ic key used o enc yp
con iden ial message Dec yp ion keys gene a ed by he
T us ed Au ho i y
Communica ions wi h he T us ed
Au ho i y (TA) secu ed by means o
ce i ica e-based public key
communica ions.
Nodes a e p e-loaded wi h he TA’s
ce i ica e.
Pe sonal Compu e wi h an In el
Co e i7 and 16 GB RAM
Ma e al. [67] CP-ABE Keywo ds desc ibing da a s o ed in
cloud Pa ial p i a e keys gene a ed by a
TTP: Key Gene a ion Cen e No secu e channel needed Dell PC wi h an I5-4460S 2.90-GHz
p ocesso , 4 GB RAM and Windows
8 ope a ing sys em
Chien [68]Bilinea pai ing-based
c yp og aphy Au hen ica ion keys P i a e key gene a ed and owned
by he Regis e ed Home No needed 3G/4G-enabled de ices. HW
cha ac e is ics no speci ied
Zque e e al. [69] IBE Au ho iza ion icke issuing
p o ocol messages P i a e keys gene a ed and owned
by each de ice No needed No Speci ied
Rahman e al. [70] ABE MQTT messages P i a e keys gene a ed by MQTT
b oke No speci ied
A duino Uno mic ocon olle boa d
based on ATmega328P
Senso s 2022,22, 2561 23 o 38
Publishe
...
BROKER
pub(ABE-enc yp ed
da a)
Subsc ibe
subsc ibe( opic)
ABE
enc yp ion
Access
Con ol
Policy:
sec ion=p oduc ion
Topic
1
Topic
2
...
...
ABE-enc yp ed
da a
Subsc ibe
subsc ibe( opic)
ABE-enc yp ed
da a
A ibu es:
sec ion
=
p oduc ion
A ibu es:
sec ion
=
managemen
Dec yp ion
success ul
Dec yp ion
ailed
Publishe
...
BROKER
DTLS
session
1
Subsc ibe
Topic
1
Topic
2
...
...
Subsc ibe
Raw
da a
Da a
enc yp ed
a
he
anspo
laye
DTLS
session
2
Da a
enc yp ed
a
he
anspo
laye
Da a
enc yp ed
a
he
anspo
laye
DTLS
session
3
(a)
End- o-end
secu i y
hanks
o
ABE
enc yp ion
a
he
applica ion
laye
(b)
T anspo
laye
secu i y
p o ided
by
DTLS
Figu e 5. Compa ison be ween: (a) end- o-end enc yp ion p o ided by ABE and (b) anspo laye
enc yp ion p o ided by DTLS whe e end- o-end con iden iali y is b oken a he b oke .
5. Al e na i es o Cu en Cen alized CA-Based PKIs
As al eady in oduced, public key c yp og aphy p o ides he ounda ions o es ablish
eliable and scalable secu i y mechanisms wo ldwide. In his ega d, PKIs cons i u e a
basic suppo ing pilla o he u iliza ion o public key c yp og aphy wo ldwide nowadays.
Howe e , cu en cen alized CA-based PKIs p esen impo an p oblems, which a e
exace ba ed in he case o massi ely deployed and esou ce-dep i ed IoT de ices.
The i s p oblem is ela ed o he lack o us on cu en cen alized CAs. This lack
o us may be a consequence o secu i y a acks pe pe a ed by malicious a acke s o
secu i y bugs in he so wa e un by he CAs. These p oblems can a ec any o he di e en
s ages o ce i ica e li ecycle managemen , such as ce i ica e eques , ce i ica e signa u e o
ce i ica e e i ica ion. Fo example, in 2015, i was disco e ed ha he ACME (Au oma ic
Ce i ica e Managemen En i onmen ) p o ocol used by Le ’s Enc yp o au oma ically
Senso s 2022,22, 2561 24 o 38
issue digi al ce i ica es su e ed om a secu i y law which allowed po en ial a acke s
o ob ain ce i ica es o domains hey did no own [
71
]. Mo eo e , in 2015, i was ound
ou ha o e se e al yea s, Syman ec had been issuing unau ho ized es ce i ica es o
a ound 76 di e en domains wi hou he domain owne s being awa e o i [
72
]. As a
consequence, in 2018, se e al majo pla o ms announced hei dis us o Syman ec’s
public key in as uc u e [
73
]. In 2016, se e al secu i y laws we e published ega ding he
mechanisms used by Comodo CA o alida e domains [
74
,
75
], esul ing in unau ho ized
c ea ion o ce i ica es. Simila ly, in 2019, Ce inomis CA was ound o ha e been issuing
unau ho ized ce i ica es o di e en domains, leading o Mozilla emo ing Ce inomis
CA ce i ica e om i s lis o us ed oo CA ce i ica es [76].
Howe e , lack o us o CAs goes beyond echnical secu i y issues and i is also
associa ed wi h go e nmen s o co po a ions owning and managing CAs. Al hough
ini ially he In e ne was buil on he concep o us , in he pos -Snowden e a his is
no longe he p emise. In ac , CAs belong o companies o ins i u ions, which could
le e age hei p i ileged posi ion as us ce i ica ion au ho i ies o a ack o he coun ies
o ins i u ions o o spy on ci izens [
77
,
78
]. The e ha e e en been accusa ions o cybe -
me cena ies ac ing on behal o go e nmen s o include malicious oo CA ce i ica es in
he da abases o big playe s such as Mozilla, Mic oso , Google o Apple [
79
]. Fu he mo e,
a s udy ca ied ou in 2013 [
80
] abou he HTTPS Ce i ica e Ecosys em e ealed ha 99%
o he CAs a e concen a ed in 10 coun ies. Addi ionally, ega ding oo CAs, jus 20% was
owned by comme cial o ganiza ions and he o he 80% belonged o eligious ins i u ions,
museums, lib a ies and inancial ins i u ions. On he o he hand, he s udy also ound ou
ha om a sample o 8.1 million se e ce i ica es, only 40% we e alid ce i ica es. The
emaining 60% we e sel -signed ce i ica es (48%), ce i ica es signed by unknown issue s
(33%) and ce i ica es signed by un us ed CAs (19%).
Ano he impo an issue e e s o scalabili y. Acco ding o Ga ne [
81
], by 2025 he e
will be abou 25,000 million IoT connec ions. This implies an impo an bu den o he
cu en cen alized PKI a chi ec u e and i a ec s all he asks ela ed o ce i ica e li ecycle
managemen in ol ing CAs, such as, ce i ica e eques , domain alida ion, ce i ica e
dis ibu ion o ce i ica e e oca ion. As a esul , mo e CAs will be c ea ed o ace he
e e g owing numbe o ce i ica es, augmen ing he p oblem o moni o ing he us and
secu i y o CAs.
Taking in o accoun ha cu en cen alized PKIs p esen impo an p oblems e-
ga ding lack o us and scalabili y, al e na i e app oaches ha e been p oposed, which
emo e he necessi y o cen alized PKIs. On he one hand, blockchain echnology has
eme ged as a sui able candida e o sol e hese issues. I s dis ibu ed na u e, bo h ega ding
us managemen and compu a ion and s o age, a oids he scalabili y and lack o us
issues inhe en o cen alized a chi ec u es. Howe e , he p ac ical implemen a ion o
blockchain echnologies also implies signi ican pe o mance challenges [
82
,
83
], mainly
ela ed o he s o age capaci y needed o keep he block chain and he compu a ion cos
o he execu ion o he consensus algo i hm. These challenges a e especially c i ical in he
case o esou ce-dep i ed IoT de ices.
5.1. Blockchain Fundamen als
Blockchain is a echnology used o egis e and e i y ansac ions in a dis ibu ed
manne and ollowing a consensus algo i hm among all he pa icipa ing nodes. Al hough
blockchain is an old echnology, i became e y popula in 2008 when Sa oshi Nakamo o
s a ed o used i as he building block o a new c yp o cu ency: Bi coin [84].
The blockchain dis ibu ed ledge consis s o blocks and each block has a heade and a
body. The heade includes in o ma ion abou he block, such as a imes amp and a hash o
he p e ious heade block. This hash is used o conca ena e blocks in he blockchain in an
immu able and un o geable manne . I he con en o a block is modi ied, he esul o he
hash compu a ion will also change, and he e o e he change will be de ec ed. In he same
way, i a block is dele ed o a new block added o he chain, he hashes will also di e and
Senso s 2022,22, 2561 25 o 38
he chain will be b oken. On he o he hand, he body o he block consis s o con i med
and alida ed ansac ions. E e y ansac ion in he block should be digi ally signed wi h
he p i a e key o he owne , ensu ing he au hen ici y o he ansac ion. The s uc u e o
he blocks ha o m he blockchain is ep esen ed in Figu e 6.
Hash
o
p e ious
heade
block
C ea ion
Times amp
Nonce
(P oo
o
Wo k)
Block
Numbe
Me kle
Roo
( ansac ions
o
cu en
block)
HEADER
T ansac ion
2
T ansac ion
n
T ansac ion
1
...
BODY
BLOCK
N+1
Hash
o
p e ious
heade
block
C ea ion
Times amp
Nonce
(P oo
o
Wo k)
Block
Numbe
Me kle
Roo
( ansac ions
o
cu en
block)
HEADER
T ansac ion
2
T ansac ion
n
T ansac ion
1
...
BODY
BLOCK
N
Hash
o
p e ious
heade
block
C ea ion
Times amp
Nonce
(P oo
o
Wo k)
Block
Numbe
Me kle
Roo
( ansac ions
o
cu en
block)
HEADER
T ansac ion
2
T ansac ion
n
T ansac ion
1
...
BODY
BLOCK
N-1
Figu e 6. S uc u e o he blocks in he blockchain.
A blockchain ne wo k migh consis o wo ypes o nodes: nodes ha jus ead
ansac ions and nodes ha ead and w i e ansac ions. The la e a e known as mine s.
When he e is a su icien ly la ge numbe o ansac ions (in Bi coin 1 MB o da a), hey a e
packed oge he in a block. Mine s e i y da a ansac ions wi hin he block, acco ding o
de ined ules, and hey alida e he new block by means o a consensus algo i hm and he
new block is s o ed in he blockchain. Mine s a e ewa ded in o de o alida e new blocks.
All o he en i ies pa icipa ing in a ansac ion, as well as an impo an numbe o hi d
pa ies, keep a copy o he blockchain, making i un easible o modi y all he copies o he
blockchain in o de o o ge a ansac ion.
The e a e many di e en consensus algo i hms o ag ee on he da a in eg i y o a block
among all blockchain nodes. One o he mos well-known consensus algo i hms is he
p oo -o -wo k (PoW) [
85
], as i is he one used by he popula Bi coin c yp o cu ency. In
his case, mine s alida e he legi imacy o each ansac ion included in a block by sol ing
a di icul and compu a ionally expensi e ma hema ical p oblem, which canno be sol ed
wi hou b u e o ce. The e o e, mine s compe e o ind a solu ion o his p oblem and he
i s one o compu e a alid solu ion is ewa ded in he blockchain. Once a alid solu ion is
p o ided, i s co ec ness can be easily e i ied by he es o he pa icipa ing nodes.
Ano he popula consensus algo i hm is he P oo -o -S ake (PoS) [
86
]. In his case,
each s ake (mine ) owns a walle and some cu ency used in he blockchain. PoS is no
as compu a ionally expensi e as PoW because mine s do no compe e among hem o be
he i s o sol e a complex ma hema ical puzzle. Ins ead, he ne wo k selec s he nodes o
alida e a gi en block acco ding o how many coins hey own. Valida ing nodes a e no
ewa ded pe block, ins ead hey ake ansac ion ees.
Blockchains can be public o p i a e. Public blockchains a e dis ibu ed ledge s
whe e he in eg a ing nodes do no us each o he , while p i a e blockchains a e usually
implemen ed wi hin an o ganiza ion and all he nodes o he blockchain a e membe s o
he o ganiza ion. Among public blockchains, Bi coin is wi hou doub he mos enowned
one. Ano he popula blockchain is E he eum [
87
], a pla o m used o c ea e any ype
Senso s 2022,22, 2561 32 o 38
en i ies ou side he ac o y domain. I only makes sense o delega e DTLS asks when
he communica ion is end- o-end be ween an IIoT de ice and an ex e nal en i y. In o he
cases, such as a b oke ed communica ion, i would be p e e able o op o a PSK-based
DTLS session be ween he IIoT de ice and he b oke , and a ce i ica e-based DTLS session
be ween he b oke and he ex e nal en i y.
Full DTLS handshake delega ion achie es e y li le memo y oo p in s, bu i implies
he delega ion o he IoT de ice’s p i a e key. The e o e, i is jus i ied in e y cons ained IoT
de ices, such as C0-C1 mo es, which a e no able o pe o m he handshake by hemsel es.
I he in ol ed IIoT de ices a e mo e powe ul ( aspbe y- o a duino-like), hen a pa ial
delega ion o DTLS asks is a p e e able op ion. This solu ion allows o sa e s o age, ene gy
and p ocessing esou ces in he IIoT de ice by ou sou cing some hea y asks, bu wi hou
he secu i y conce ns associa ed wi h making known o a hi d pa y he p i a e keys o
IIoT de ices. The mos sui able app oaches a e hose ha allow o lexibly selec how many
and which asks o delega e depending on he ype o de ice and i s ins an aneous s a e.
In such cases, he ne wo k adminis a o could decide on he ade-o be ween secu i y
and pe o mance o each speci ic use case. In any case, as p e iously explained, i he
TTP nego ia es he c yp og aphic ma e ial o be used in he DTLS session, i has all he
equi ed knowledge o sni in he subsequen DTLS communica ions p o ec ed wi h ha
c yp og aphic ma e ial.
A mo e s aigh o wa d ype o delega ion and one which enhances he secu i y le el
o he solu ion is o in eg a e in he IIoT de ices a speci ic secu i y module, such as a
TPM. This module s o es in a mo e obus way all he c yp og aphic keys and pe o ms
c yp og aphic compu a ions mo e e icien ly. Howe e , in mos indus ial scena ios, he
in eg a ion o a TPM in each IIoT de ice is ou o he scope, due o he inc ease in complexi y
and cos .
Addi ionally, comp ession mechanisms a e p esen ed as a way o sa ing IIoT de ices’
esou ces, especially s o age and ba e y, in DTLS communica ions. These mechanisms a e
complemen a y o he delega ion mechanisms and allow o educe he size o he DTLS
p o ocol heade s and o he X.509 ce i ica es, mainly by using non-s anda d o ma s. The
educ ion o he size o messages esul s in less agmen a ion, and he e o e, emo es
he secu i y ulne abili ies associa ed wi h packe agmen a ion. The mo e na u al place
o pe o m he ansla ion be ween comp essed and s anda d messages is he IIoT ga e-
way a he bounda y o he IIoT ne wo k. Howe e , he use o non-s anda d p o ocols
and messages is no ecommended in indus y since i hinde s in e ope abili y and lex-
ibili y. Addi ionally, non-s anda d p o ocol messages could be subjec o new unknown
secu i y laws.
On he o he hand, ABE s ands ou as a sui able mechanism o gua an ee end- o-end
con iden iali y in b oke ed PubSub communica ion models, which a e e y equen in
indus ial scena ios. In such cases, DTLS enc yp ion a he anspo laye is no enough
o p o ec he con iden iali y o he ansmi ed da a end- o-end, since he anspo laye
session ends a he b oke , and applica ion laye enc yp ion, such as ABE, is necessa y. As
ABE in eg a es an a ibu e-based access con ol policy in he enc yp ion p ocess, i allows
he publishe o enc yp he in o ma ion jus once and any subsc ibe owning a dec yp ion
key ha ma ches he enc yp ion policy will be able o dec yp i . Addi ionally, as ABE
enc yp ion is based on a ibu es, i emo es he need o IIoT de ices o manage iden i ies
and he e o e, o deal wi h ce i ica es.
Howe e , ABE enc yp ion is esou ce-expensi e and canno be pe o med by he mos
se e ely cons ained IIoT de ices, such as C0-C1 mo es. A leas a duino- o aspbe y-like
capaci ies a e equi ed. Addi ionally, he use o ABE in ol es new challenges ela ed o he
secu e and us wo hy managemen o a ibu es. Fo his aim, a TTP is usually in oduced
o au hen ica e a ibu es and gene a e dec yp ion keys. The au hen ica ion o a ibu es
is equen ly based on iden i y au hen ica ion and he e o e, he iden i y-managemen
p oblem is shi ed om esou ce-dep i ed IIoT de ices o esou ce- iche TTPs.
Senso s 2022,22, 2561 33 o 38
Finally, cu en PKIs also su e om lack o us on he cen alized CAs and di icul
scalabili y. Thanks o i s dis ibu ed na u e, he blockchain echnology p esen s a sui able
al e na i e o add ess hese issues. Howe e , pa icipa ing in a blockchain implies high
esou ce consump ion ega ding s o age capaci y, in o de o s o e he blockchain, and
p ocessing, o execu e he consensus algo i hm. IIoT de ices a e no able o mee hese
needs, no e en he mos powe ul ones, such as Raspbe y Pi 2 Model B wi h a 900-MHz
Quad-co e ARM Co ex-A7 CPU and 1 GB RAM. Fo his eason, he implemen a ion o
dis ibu ed ledge s in IIoT ne wo ks, necessa ily implies he delega ion o mos consuming
asks, such as blockchain s o age and mining, o esou ce- iche de ices, while he IIoT
de ices a e in eg a ed as ligh nodes. In indus ial scena ios, some o he en i ies o he
indus ial plan could suppo he IIoT de ices by implemen ing he ull blockchain nodes
ha aid he ligh IIoT nodes in he alida ion o he ansac ions and he s o age o blocks.
All in all, he E he eum blockchain wi h he p oo o s ake consensus algo i hm and
sma con ac s’ suppo has been ecognized as he mos sui able app oach o implemen
decen alized PKIs in IoT ne wo ks. The IOTA ne wo k has also been iden i ied as a
p omising app oach, bu i is a no el de elopmen wi h no as much suppo a ailable ye .
I mus be no ed ha all he p oposed app oaches ely on a cen alized hi d pa y o
aid he IIoT de ices in he co esponding ope a ions: in he case o he DTLS delega ion-
and comp ession-based app oaches, his hi d pa y is he en i y whe e ce ain asks a e del-
ega ed o whe e he ansla ion be ween comp essed and s anda d o ma s is pe o med. In
he case o ABE-based app oaches o eplace adi ional KPIs, he hi d pa y is esponsible
o a ibu es’ alida ion and o he gene a ion o dec yp ion keys. Finally, in blockchain-
based app oaches, he hi d pa y aids IIoT de ices in asks ha exceed hei capaci y such
as s o age o he ull blockchain o execu ion o he consensus algo i hm. The e o e, new
secu i y conce ns a ise ega ding he p o ec ion o he communica ions be ween he IIoT
de ices and he hi d pa y, especially when i mus be a us ed en i y. This issue is usually
sol ed by he ou -o -band dis ibu ion o PSKs wi hin he ac o y domain.
7. Conclusions
This pape su eys he al e na i es p oposed in he li e a u e so a o ackle he
challenges aised by he use o ce i ica e-based public key c yp og aphy in IIoT scena ios.
The iden i ied challenges co e a wide scope o issues ela ed o esou ce limi a ions o
IIoT de ices, scalabili y, long li e ime o indus ial sys ems, one- o-many communica ion
models and lack o us in cen alized CAs. The e o e, di e en ypes o solu ions ha e
been p oposed in he li e a u e, each add essing speci ic challenges. The p oposed solu ions
a e complemen a y and hey depend on he applica ion scena io and he cha ac e is ics o
he in ol ed IIoT de ices.
The main goal o his pape is o p o ide a ma ching be ween he iden i ied challenges
and he su eyed solu ions, as well as an in-dep h classi ica ion and analysis o he exis ing
al e na i e app oaches, de ailing hei p os and cons, and speci ying he applica ion scena -
ios whe e hey i . The inal aim is o p o ide IIoT ne wo k designe s and adminis a o s
wi h a use ul ool o selec he bes app oach o secu e hei speci ic deploymen .
Au ho Con ibu ions:
Concep ualiza ion, J.A., M.B., A.U. and E.J.; me hodology, J.A., M.B., A.U.
and E.J.; in es iga ion, J.A., M.B., A.U. and E.J.; w i ing—o iginal d a p epa a ion, J.A.; w i ing—
e iew and edi ing, M.B., A.U. and E.J. All au ho s ha e ead and ag eed o he published e sion o
he manusc ip .
Funding:
This wo k was inancially suppo ed by he Eu opean commission h ough ECSEL-JU 2018
p og am unde he COMP4DRONES p ojec (g an ag eemen N
◦
826610), wi h na ional inancing
om F ance, Spain, I aly, Ne he lands, Aus ia, Czech, Belgium and La ia. I was also pa ially
suppo ed by he Ayudas Ce e a pa a Cen os Tecnológicos g an o he Spanish Cen e o he De elop-
men o Indus ial Technology (CDTI) unde he p ojec EGIDA (CER-20191012), and in pa by he
Depa men o Economic De elopmen and Compe i i eness o he Basque Go e nmen h ough he
p ojec TRUSTIND—C ea ing T us in he Indus ial Digi al T ans o ma ion (KK-2020/00054)
Senso s 2022,22, 2561 34 o 38
Ins i u ional Re iew Boa d S a emen : No applicable.
Con lic s o In e es : The au ho s decla e no con lic o in e es .
Re e ences
1.
Salih, K.O.M.; Rashid, T.A.; Rado ano ic, D.; Bacanin, N. A Comp ehensi e Su ey on he In e ne o Things wi h he Indus ial
Ma ke place. Senso s 2022,22, 730. [C ossRe ] [PubMed]
2.
Nu , N.M.; Yusnani, M.Y.; Mohammed, A.S.; Hashim, H. Hyb id c yp og aphic app oach o in e ne o hings applica ions: A
e iew. J. In . Commun. Technol. 2020,19, 279–319.
3.
Fe nández-Ca amés, T.M. F om P e-Quan um o Pos -Quan um IoT Secu i y: A Su ey on Quan um-Resis an C yp osys ems
o he In e ne o Things. IEEE In e ne Things J. 2020,7, 6457–6480. [C ossRe ]
4.
Alexande , P.; Baashi ah, R.; Abuzneid, A. Compa ison and Feasibili y o Va ious RFID Au hen ica ion Me hods Using ECC.
Senso s 2018,18, 2902. [C ossRe ] [PubMed]
5.
Wang, P.; Li, B.; Shi, H.; Shen, Y.; Wang, D. Re isi ing Anonymous Two-Fac o Au hen ica ion Schemes o IoT-Enabled De ices
in Cloud Compu ing En i onmen s. Secu . Commun. Ne w. 2019,2019, 2516963. [C ossRe ]
6.
OASIS Ad anced Message Queuing P o ocol (AMQP) Ve sion 1.0. OASIS S anda d. 2012. A ailable online: h p://docs.oasis-
open.o g/amqp/co e/ 1.0/os/amqp-co e-comple e- 1.0-os.pd (accessed on 20 Feb ua y 2022).
7.
Coope , D.; San esson, S.; Fa ell, S.; Boeyen, S.; Housley, R.; Polk, W. In e ne X.509 Public Key In as uc u e Ce i ica e and
Ce i ica e Re oca ion Lis (CRL) P o ile; Technical Repo , IETF, RFC 5280. 2008. A ailable online: h ps://da a acke .ie .o g/
doc/h ml/ c5280 (accessed on 20 Feb ua y 2022).
8.
Resco la, E. The T anspo Laye Secu i y (TLS) P o ocol Ve sion 1.3; Technical Repo , IETF, RFC 8446. 2018. A ailable online:
h ps://da a acke .ie .o g/doc/h ml/ c8446 (accessed on 20 Feb ua y 2022).
9.
Melniko , A.; Zeilenga, K. Simple Au hen ica ion and Secu i y Laye (SASL); Technical Repo , IETF, RFC 4422. 2006. A ailable
online: h ps://da a acke .ie .o g/doc/h ml/ c4422 (accessed on 20 Feb ua y 2022).
10.
IANA. Simple Au hen ica ion and Secu i y Laye (SASL) Mechanisms. 2022. A ailable online: h ps://www.iana.o g/
assignmen s/sasl-mechanisms/sasl-mechanisms.xh ml (accessed on 20 Feb ua y 2022).
11.
OASIS S anda d, MQTT Ve sion 5.0. 2019. A ailable online: h ps://docs.oasis-open.o g/mq /mq / 5.0/mq - 5.0.h ml
(accessed on 20 Feb ua y 2022).
12.
ISO/IEC 20922:2016; S anda d, In o ma ion Technology—Message Queuing Teleme y T anspo (MQTT) 3.1.1. 2016. A ailable
online: h ps://www.iso.o g/s anda d/69466.h ml (accessed on 20 Feb ua y 2022).
13.
Sain -And e, P. Ex ensible Messaging and P esence P o ocol (XMPP): Co e; Technical Repo , IETF, RFC 6120. 2011. A ailable
online: h ps://da a acke .ie .o g/doc/h ml/ c6120 (accessed on 20 Feb ua y 2022).
14. Modbus. A ailable online: h ps://modbus.o g (accessed on 20 Feb ua y 2022).
15.
IEC 62541; OPC Uni ied A chi ec u e S anda d Se ies. Technical Repo . 2020. A ailable online: h ps://webs o e.iec.ch/
sea ch o m&q=iec%2062541 (accessed on 20 Feb ua y 2022).
16.
Shelby, Z.; Ha ke, K.; Bo mann, C. The Cons ained Applica ion P o ocol (CoAP); Technical Repo , IETF, RFC 7252. 2014.
A ailable online: h ps://da a acke .ie .o g/doc/h ml/ c7252 (accessed on 20 Feb ua y 2022).
17.
Alzubi, O.A.; Alzubi, J.A.A.; Do gham, O.M.; Alsayyed, M. C yp osys em design based on He mi ian cu es o IoT secu i y. J.
Supe compu . 2020,76, 8566–8589. [C ossRe ]
18.
Alzubi, J.A.; Manikandan, R.; Alzubi, O.A.; Qiqieh, I.; Rahim, R.; Gup a, D.; Khanna, A. Hashed Needham Sch oede Indus ial
IoT based Cos Op imized Deep Secu ed da a ansmission in cloud. Measu emen 2020,150, 107077. [C ossRe ]
19.
Sho , P.W. Polynomial-Time Algo i hms o P ime Fac o iza ion and Disc e e Loga i hms on a Quan um Compu e . SIAM J.
Compu . 1997,26, 1484–1509. [C ossRe ]
20.
G o e , L.K. A Fas Quan um Mechanical Algo i hm o Da abase Sea ch. In P oceedings o he Twen y-Eigh h Annual ACM
Symposium on Theo y o Compu ing, STOC ’96, Philadelphia, PA, USA, 22–24 May 1996; Associa ion o Compu ing Machine y:
New Yo k, NY, USA, 1996; pp. 212–219. [C ossRe ]
21. G anjal, J.; Mon ei o, E.; Sil a, J.S. End- o-end anspo -laye secu i y o In e ne -in eg a ed sensing applica ions wi h mu ual
and delega ed ECC public-key au hen ica ion. In P oceedings o he 2013 IFIP Ne wo king Con e ence, New Yo k, NY, USA,
22–24 May 2013; pp. 1–9.
22.
Hummen, R.; Sha agh, H.; Raza, S.; Voig, T.; Weh le, K. Delega ion-based au hen ica ion and au ho iza ion o he IP-based
In e ne o Things. In P oceedings o he 2014 Ele en h Annual IEEE In e na ional Con e ence on Sensing, Communica ion, and
Ne wo king (SECON), Singapo e, 30 June–3 July 2014; pp. 284–292. [C ossRe ]
23.
Moosa i, S.R.; Gia, T.N.; Nigussie, E.; Rahmani, A.; Vi anen, S.; Tenhunen, H.; Isoaho, J. Session Resump ion-Based End-
o-End Secu i y o Heal hca e In e ne -o -Things. In P oceedings o he 2015 IEEE In e na ional Con e ence on Compu e
and In o ma ion Technology; Ubiqui ous Compu ing and Communica ions; Dependable, Au onomic and Secu e Compu ing;
Pe asi e In elligence and Compu ing, Li e pool, UK, 26–28 Oc obe 2015; pp. 581–588. [C ossRe ]
24.
Pa k, J.; Kang, N. Ligh weigh secu e communica ion o CoAP-enabled In e ne o Things using delega ed DTLS handshake. In
P oceedings o he 2014 In e na ional Con e ence on In o ma ion and Communica ion Technology Con e gence (ICTC), Busan,
Ko ea, 22–24 Oc obe 2014; pp. 28–33. [C ossRe ]
Senso s 2022,22, 2561 35 o 38
25.
Kang, N.; Pa k, J.; Kwon, H.; Jung, S. ESSE: E icien Secu e Session Es ablishmen o In e ne -In eg a ed Wi eless Senso
Ne wo ks. In . J. Dis ib. Sen. Ne w. 2015,11, 393754. [C ossRe ]
26.
Pa k, J.; Kwon, H.; Kang, N. IoT-Cloud collabo a ion o es ablish a secu e connec ion o ligh weigh de ices. Wi el. Ne w.
2016
,
23, 681–692. [C ossRe ]
27.
Han, J.; Kim, D. A back-end o load a chi ec u e o secu i y o esou ce-cons ained ne wo ks. In P oceedings o he 2016 IEEE
15 h In e na ional Symposium on Ne wo k Compu ing and Applica ions (NCA), Camb idge, MA, USA, 31 Oc obe –2 No embe
2016; pp. 383–387. [C ossRe ]
28. Ma, Y.; Yan, L.; Huang, X.; Ma, M.; Li, D. DTLShps: SDN-Based DTLS Handshake P o ocol Simpli ica ion o IoT. IEEE In e ne
Things J. 2020,7, 3349–3362. [C ossRe ]
29.
Mon eneg o, G.; Kushalnaga , N.; Hui, J.; Culle , D. T ansmission o IP 6 Packe s o e IEEE 802.15.4 Ne wo ks; Technical Repo ,
IETF, RFC 4944. 2007. A ailable online: h ps://da a acke .ie .o g/doc/h ml/ c4944 (accessed on 20 Feb ua y 2022).
30.
Falk, R.; F ies, S. Managed Ce i ica e Whi elis ing—A Basis o In e ne o Things Secu i y in Indus ial Au oma ion Applica-
ions. In P oceedings o he Eigh h In e na ional Con e ence on Eme ging Secu i y In o ma ion, Sys ems and Technologies—
SECURWARE 2014, Lisbon, Po ugal, 16–20 No embe 2014.
31.
Cho, E.; Pa k, M.; Lee, H.; Choi, J.; Kwon, T.T. D2TLS: Delega ion-Based DTLS o Cloud-Based IoT Se ices. In P oceedings o
he In e na ional Con e ence on In e ne o Things Design and Implemen a ion, IoTDI ’19, Mon eal, QC, Canada, 15–18 Ap il
2019; Associa ion o Compu ing Machine y: New Yo k, NY, USA, 2019; pp. 190–201. [C ossRe ]
32.
Fouladga , S.; Mainaud, B.; Masmoudi, K.; A i i, H. Tiny 3-TLS: A T us Delega ion P o ocol o Wi eless Senso Ne wo ks. In
Secu i y and P i acy in Ad-Hoc and Senso Ne wo ks; Bu yán, L., Gligo , V.D., Wes ho , D., Eds.; Sp inge : Be lin/Heidelbe g,
Ge many, 2006; pp. 32–42. [C ossRe ]
33.
Hummen, R.; Ziegeldo , J.H.; Sha agh, H.; Raza, S.; Weh le, K. Towa ds Viable Ce i ica e-Based Au hen ica ion o he In e ne
o Things. In P oceedings o he 2nd ACM Wo kshop on Ho Topics on Wi eless Ne wo k Secu i y and P i acy, Ho WiSec ’13,
Budapes , Hunga y, 19 Ap il 2013; Associa ion o Compu ing Machine y: New Yo k, NY, USA, 2013; pp. 37–42. [C ossRe ]
34.
Ma ino, F.; Moiso, C.; Pe acca, M. PKIoT: A public key in as uc u e o he In e ne o Things. T ans. Eme g. Telecommun.
Technol. 2019,30, e3681. [C ossRe ]
35.
Ko hmay , T.; Schmi , C.; Hu, W.; B ünig, M.; Ca le, G. A DTLS based end- o-end secu i y a chi ec u e o he In e ne o Things
wi h wo-way au hen ica ion. In P oceedings o he 37 h Annual IEEE Con e ence on Local Compu e Ne wo ks—Wo kshops,
Clea wa e , FL, USA, 22–25 Oc obe 2012; pp. 956–963. [C ossRe ]
36.
Raza, S.; Sha agh, H.; Hewage, K.; Hummen, R.; Voig , T. Li he: Ligh weigh Secu e CoAP o he In e ne o Things. IEEE Sens. J.
2013,13, 3711–3720. [C ossRe ]
37.
Raza, S.; Helgason, T.; Papadimi a os, P.; Voig , T. Secu eSense: End- o-end secu e communica ion a chi ec u e o he cloud-
connec ed In e ne o Things. Fu u e Gene . Compu . Sys . 2017,77, 40–51. [C ossRe ]
38.
Ha oon, A.; Ak am, S.; Shah, M.A.; Wahid, A. E-Li he: A Ligh weigh Secu e DTLS o IoT. In P oceedings o he 2017 IEEE 86 h
Vehicula Technology Con e ence (VTC-Fall), To on o, ON, Canada, 24–27 Sep embe 2017; pp. 1–5. [C ossRe ]
39. Cha an, A.A.; Nigho , M.K. Secu e and Cos -e ec i e Applica ion Laye P o ocol wi h Au hen ica ion In e ope abili y o IOT.
P ocedia Compu . Sci. 2016,78, 646–651. [C ossRe ]
40.
Schuka , M.; Co ijo, P. Public key in as uc u es and digi al ce i ica es o he In e ne o hings. In P oceedings o he 2015 26 h
I ish Signals and Sys ems Con e ence (ISSC), Ca low, I eland, 24–25 June 2015; pp. 1–5. [C ossRe ]
41.
Kwon, H.; Raza, S.; Ko, J. POSTER: On Comp essing PKI Ce i ica es o Resou ce Limi ed In e ne o Things De ices. In
P oceedings o he 2018 on Asia Con e ence on Compu e and Communica ions Secu i y, ASIACCS ’18, Incheon, Ko ea, 4 June
2018; Associa ion o Compu ing Machine y: New Yo k, NY, USA, 2018; pp. 837–839. [C ossRe ]
42.
Kwon, H.; Ahn, J.; Ko, J. Ligh Ce : On designing a ligh e ce i ica e o esou ce-limi ed In e ne -o -Things de ices. T ans.
Eme g. Telecommun. Technol. 2019,30, e3740. [C ossRe ]
43.
Bo mann, C.; Ho man, P. Concise Bina y Objec Rep esen a ion (CBOR); Technical Repo , IETF, RFC 8949. 2020. A ailable
online: h ps://da a acke .ie .o g/doc/h ml/ c8949 (accessed on 20 Feb ua y 2022).
44. Höglund, J.; Lindeme , S.; Fu uhed, M.; Raza, S. PKI4IoT: Towa ds public key in as uc u e o he In e ne o Things. Compu .
Secu . 2020,89, 101658. [C ossRe ]
45.
Hummen, R.; Hille , J.; Wi z, H.; Henze, M.; Sha agh, H.; Weh le, K. 6LoWPAN F agmen a ion A acks and Mi iga ion
Mechanisms. In P oceedings o he WISEC’13: Six h ACM Con e ence on Secu i y and P i acy in Wi eless and Mobile Ne wo ks,
WiSec ’13, Budapes , Hunga y, 17–19 Ap il 2013; Associa ion o Compu ing Machine y: New Yo k, NY, USA, 2013; pp. 55–66.
[C ossRe ]
46.
Sahai, A.; Wa e s, B. Fuzzy iden i y-based enc yp ion. In Annual In e na ional Con e ence on he Theo y and Applica ions o
C yp og aphic Techniques; C ame , R., Ed.; Sp inge : Be lin/Heidelbe g, Ge many, 2005; pp. 457–473.
47.
Shami , A. Iden i y-Based C yp osys ems and Signa u e Schemes. In Ad ances in C yp ology; Blakley, G.R., Chaum, D., Eds.;
Sp inge : Be lin/Heidelbe g, Ge many, 1985; pp. 47–53.
48.
Boneh, D.; F anklin, M. Iden i y-Based Enc yp ion om he Weil Pai ing. In Ad ances in C yp ology—CRYPTO 2001; Kilian, J., Ed.;
Sp inge : Be lin/Heidelbe g, Ge many, 2001; pp. 213–229. [C ossRe ]
Senso s 2022,22, 2561 36 o 38
49.
Goyal, V.; Pandey, O.; Sahai, A.; Wa e s, B. A ibu e-Based Enc yp ion o Fine-G ained Access Con ol o Enc yp ed Da a.
In P oceedings o he 13 h ACM Con e ence on Compu e and Communica ions Secu i y, CCS ’06, Alexand ia, VA, USA, 30
Oc obe –3 No embe 2006; Associa ion o Compu ing Machine y: New Yo k, NY, USA, 2006; pp. 89–98. [C ossRe ]
50.
Be hencou , J.; Sahai, A.; Wa e s, B. Ciphe ex -Policy A ibu e-Based Enc yp ion. In P oceedings o he 2007 IEEE Symposium
on Secu i y and P i acy (SP ’07), Be keley, CA, USA, 20–23 May 2007; pp. 321–334. [C ossRe ]
51.
Lewko, A.; Wa e s, B. Decen alizing A ibu e-Based Enc yp ion. In Ad ances in C yp ology—EUROCRYPT 2011; Pa e son, K.G.,
Ed.; Sp inge : Be lin/Heidelbe g, Ge many, 2011; pp. 568–588. [C ossRe ]
52.
Božo i´c, V.; Socek, D.; S einwand , R.; Villányi, V. Mul i-au ho i y a ibu e-based enc yp ion wi h hones -bu -cu ious cen al
au ho i y. In . J. Compu . Ma h. 2012,89, 268–283. [C ossRe ]
53.
Zhang, Q.; Gan, Y.; Liu, L.; Wang, X.; Luo, X.; Li, Y. An au hen ica ed asymme ic g oup key ag eemen based on a ibu e
enc yp ion. J. Ne w. Compu . Appl. 2018,123, 1–10. [C ossRe ]
54.
Odelu, V.; Das, A.; Khu am Khan, M.; Choo, K.K.; Jo, M. Exp essi e CP-ABE scheme o mobile de ices in IoT sa is ying
cons an -size keys and ciphe ex s. IEEE Access 2017,5, 3273–3283. [C ossRe ]
55.
Belgui h, S.; Kaaniche, N.; Lau en , M.; Jemai, A.; A ia, R. Cons an -size h eshold a ibu e based signc yp ion o cloud
applica ions. In P oceedings o he 14 h In e na ional Join Con e ence on e-Business and Telecommunica ions—SECRYPT,
Mad id, Spain, 24–26 July 2017; Volume 4, pp. 212–225. [C ossRe ]
56.
G een, M.; Hohenbe ge , S.; Wa e s, B. Ou sou cing he Dec yp ion o ABE Ciphe ex s. In P oceedings o he 20 h USENIX
Con e ence on Secu i y, SEC’11, San F ancisco, CA, USA, 8–12 Augus 2011; USENIX Associa ion: Be keley, CA, USA, 2011; p. 34.
57.
Yang, Y.; Zhu, H.; Lu, H.; Weng, J.; Zhang, Y.; Choo, K.K. Cloud based da a sha ing wi h ine-g ained p oxy e-enc yp ion.
Pe asi e Mob. Compu . 2016,28, 122–134. [C ossRe ]
58.
Xu, X.; Zhou, J.; Wang, X.; Zhang, Y. Mul i-au ho i y p oxy e-enc yp ion based on CPABE o cloud s o age sys ems. J. Sys . Eng.
Elec on. 2016,27, 211–223. [C ossRe ]
59.
Del Rey, Á.M.; Li, J.; Sha, F.; Zhang, Y.; Huang, X.; Shen, J. Ve i iable Ou sou ced Dec yp ion o A ibu e-Based Enc yp ion wi h
Cons an Ciphe ex Leng h. Secu . Commun. Ne w. 2017,2017, 3596205. [C ossRe ]
60.
Li, J.; Wang, Y.; Zhang, Y.; Han, J. Full Ve i iabili y o Ou sou ced Dec yp ion in A ibu e Based Enc yp ion. IEEE T ans. Se .
Compu . 2020,13, 478–487. [C ossRe ]
61.
Belgui h, S.; Kaaniche, N.; Hammoudeh, M.; Da gahi, T. PROUD: Ve i iable P i acy-p ese ing Ou sou ced A ibu e Based
SignC yp ion suppo ing access policy Upda e o cloud assis ed IoT applica ions. Fu u e Gene . Compu . Sys .
2020
,111, 899–918.
[C ossRe ]
62.
Bany Taha, M.; Ould-Slimane, H.; Talhi, C. Sma o loading echnique o CP-ABE enc yp ion schemes in cons ained de ices.
SN Appl. Sci. 2020,2, 274. [C ossRe ]
63.
Reimai , F.; Feich ne , J.; Teu l, P. A ibu e-Based Enc yp ion Goes X.509. In P oceedings o he 2015 IEEE 12 h In e na ional
Con e ence on e-Business Enginee ing, Beijing, China, 23–25 Oc obe 2015; pp. 393–400. [C ossRe ]
64.
Ting, P.; Tsai, J.; Wu, T. Signc yp ion Me hod Sui able o Low-Powe IoT De ices in a Wi eless Senso Ne wo k. IEEE Sys . J.
2018,12, 2385–2394. [C ossRe ]
65.
Choi, J.; In, Y.; Pa k, C.; Seok, S.; Seo, H.; Kim, H. Secu e IoT amewo k and 2D a chi ec u e o End-To-End secu i y. J.
Supe compu . 2018,74, 3521–3535. [C ossRe ]
66.
Gonçal es, F.; Ribei o, B.; Gama, O.; Ba os, S.; Sousa, S.; Hapanchak, V.; San os, A.; Cos a, A.; Dias, B.; Macedo, J.; e al. Hyb id
model o secu e communica ions and iden i y managemen in ehicula ad hoc ne wo ks. In P oceedings o he 2017 9 h
In e na ional Cong ess on Ul a Mode n Telecommunica ions and Con ol Sys ems and Wo kshops (ICUMT), Munich, Ge many,
6–8 No embe 2017; pp. 414–422. [C ossRe ]
67.
Ma, M.; He, D.; Kuma , N.; Choo, K.R.; Chen, J. Ce i ica eless Sea chable Public Key Enc yp ion Scheme o Indus ial In e ne
o Things. IEEE T ans. Ind. In o ma ics 2018,14, 759–767. [C ossRe ]
68.
Chien, H. G oup-O ien ed Range-Bound Key Ag eemen o In e ne o Things Scena ios. IEEE In e ne Things J.
2018
,5, 1890–1903.
[C ossRe ]
69.
Zúque e, A.; Gomes, H.; Ama al, J.; Oli ei a, C. Secu i y-O ien ed A chi ec u e o Managing IoT Deploymen s. Symme y
2019
,
11, 1315. [C ossRe ]
70.
Rahman, A.; Roy, S.; Kaise , M.S.; Islam, M.S. A Ligh weigh Mul i- ie S-MQTT F amewo k o Secu e Communica ion be ween
low-end IoT Nodes. In P oceedings o he 2018 5 h In e na ional Con e ence on Ne wo king, Sys ems and Secu i y (NSysS),
Dhaka, Bangladesh, 18–20 Decembe 2018; pp. 1–6. [C ossRe ]
71.
Aye , A. Duplica e Signa u e Key Selec ion A ack in Le ’s Enc yp . 2015. A ailable online: h ps://www.agwa.name/blog/
pos /duplica e_signa u e_key_selec ion_a ack_in_le s_enc yp (accessed on 20 Feb ua y 2022).
72.
Slee i, R. Sus aining Digi al Ce i ica e Secu i y. Google Secu i y Blog. 2015. A ailable online: h ps://secu i y.googleblog.com/
2015/10/sus aining-digi al-ce i ica e-secu i y.h ml (accessed on 20 Feb ua y 2022).
73.
O’B ien, D.; Slee i, R.; Whalley, A. Ch ome’s Plan o Dis us Syman ec Ce i ica es. Google Secu i y Blog. 2018. A ailable online:
h ps://secu i y.googleblog.com/2017/09/ch omes-plan- o-dis us -syman ec.h ml (accessed on 20 Feb ua y 2022).
74.
B yan , M. Keeping Posi i e—Ob aining A bi a y Wildca d SSL Ce i ica es om Comodo ia Dangling Ma kup Injec ion. 2016.
A ailable online: h ps:// hehacke blog.com/keeping-posi i e-ob aining-a bi a y-wildca d-ssl-ce i ica es- om-comodo- ia-
dangling-ma kup-injec ion/ (accessed on 20 Feb ua y 2022).
Senso s 2022,22, 2561 37 o 38
75.
Alden, R. Inciden Repo —OCR. 2016. A ailable online: h ps://www.mail-a chi e.com/de -secu i y-[email p o ec ed]g/
msg04654.h ml (accessed on 20 Feb ua y 2022).
76.
Mozilla. Remo e Ce inomis—Roo CA. 2019. A ailable online: h ps://bugzilla.mozilla.o g/show_bug.cgi?id=1552374
(accessed on 20 Feb ua y 2022).
77.
Wa bu on, D. Kazakhs an A emp s o MITM I s Ci izens. 2019. A ailable online: h ps://www. 5.com/labs/a icles/ h ea -
in elligence/kazakhs an-a emp s- o-mi m-i sci izens (accessed on 20 Feb ua y 2022).
78.
Wilson, B. In he Wake o Unau ho ized Ce i ica e Issuance by he Indian CA NIC, Can Go e nmen CAs S ill be Conside ed
”T us ed Thi d Pa ies”? 2014. A ailable online: h ps://pkic.o g/2014/07/24/in- he-wake-o -unau ho ized-ce i ica e-issuance-
by- he-indian-ca-nic-can-go e nmen -cas-s ill-be-conside ed- us ed- hi d-pa ies/ (accessed on 20 Feb ua y 2022).
79.
Quin in, C. Cybe -Me cena y G oups Shouldn’ Be T us ed in You B owse o Anywhe e Else. 2019. A ailable online: h ps:
//www.e .o g/deeplinks/2019/02/cybe -me cena y-g oups-shouldn -be- us ed-you -b owse -o -anywhe e-else (accessed on
20 Feb ua y 2022).
80.
Du ume ic, Z.; Kas en, J.; Bailey, M.; Halde man, J.A. Analysis o he HTTPS Ce i ica e Ecosys em. In P oceedings o he 2013
Con e ence on In e ne Measu emen Con e ence, IMC ’13, Ba celona, Spain, 23–25 Oc obe 2013; Associa ion o Compu ing
Machine y: New Yo k, NY, USA, 2013; pp. 291–304. [C ossRe ]
81.
A no , M.; Buckland, E.; Ranken, M.; Owen, P. IoT Global Fo ecas and Analysis, 2015–2025; Technical Repo , Ga ne Resea ch.
2017. A ailable online: h ps://www.ga ne .com/en/documen s/3659018 (accessed on 20 Feb ua y 2022).
82.
Makhdoom, I.; Abolhasan, M.; Abbas, H.; Ni, W. Blockchain’s adop ion in IoT: The challenges, and a way o wa d. J. Ne w.
Compu . Appl. 2019,125, 251–279. [C ossRe ]
83.
Sme anin, S.; Ome o , A.; Koma o , M.; Masek, P.; Kouche ya y, Y. Blockchain E alua ion App oaches: S a e-o - he-A and
Fu u e Pe spec i e. Senso s 2020,20, 3358. [C ossRe ]
84.
Nakamo o, S. Bi coin: A Pee - o-Pee Elec onic Cash Sys em. 2009. A ailable online: h ps://bi coin.o g/bi coin.pd (accessed
on 20 Feb ua y 2022).
85.
Vukoli´c, M. The Ques o Scalable Blockchain Fab ic: P oo -o -Wo k s. BFT Replica ion. In Open P oblems in Ne wo k Secu i y;
Sp inge : Cham, Swi ze land, 2016; pp. 112–125. [C ossRe ]
86.
Vasin, P. BlackCoin’s P oo -o -S ake P o ocol 2. 2014. A ailable online: h ps://blackcoin.o g/blackcoin-pos-p o ocol- 2
-whi epape .pd (accessed on 20 Feb ua y 2022).
87.
Bu e in, V. E he eum Whi e Pape : A Nex Gene a ion Sma Con ac & Decen alized Applica ion Pla o m; Technical Repo ,
e he eum.o g. 2014. A ailable online: h ps://blockchainlab.com/pd /E he eum_whi e_pape -a_nex _gene a ion_sma _
con ac _and_decen alized_applica ion_pla o m- i alik-bu e in.pd (accessed on 20 Feb ua y 2022).
88.
Sa dan, T. Wha Is a Ligh Clien and Why You Should Ca e? 2018. A ailable online: h ps://www.pa i y.io/blog/wha -is-a-
ligh -clien / (accessed on 20 Feb ua y 2022).
89. Me kle, R. Me hod o P o iding Digi al Signa u es. U.S. Pa en 4309569, 5 Janua y 1982.
90. IOTA. A ailable online: h ps://www.io a.o g (accessed on 20 Feb ua y 2022).
91.
Popo , S. The Tangle; Technical Repo . 2018. A ailable online: h ps://asse s.c asse s.ne / 1d 6 z xhe /2 4ux sIqk0EUau6g2
sw0g/45eae33637ca92 85dd9 4a3a218e1ec/io a1_4_3.pd (accessed on 20 Feb ua y 2022).
92.
Magnusson, S. E alua ion o Decen alized Al e na i es o PKI o IoT De ices. A Li e a u e S udy and P oo o Concep
Implemen a ion o Explo e he Viabili y o Replacing PKI wi h Decen alized Al e na i es. Mas e ’s Thesis, KTH. Skolan ö
Elek o eknik och Da a e enskap, S ockholm, Sweden, 2018.
93.
F omknech , C.; Velicanu, D.; Yakoubo , S. Ce Coin: A NameCoin Based Decen alized Au hen ica ion Sys em 6. 857 Class
P ojec . 2014. A ailable online: h ps://cou ses.csail.mi .edu/6.857/2014/ iles/19- omknech - elicann-yakoubo -ce coin.pd
(accessed on 20 Feb ua y 2022).
94.
Qin, B.; Huang, J.; Wang, Q.; Luo, X.; Liang, B.; Shi, W. Cecoin: A decen alized PKI mi iga ing Mi M a acks. Fu u e Gene .
Compu . Sys . 2020,107, 805–815. [C ossRe ]
95.
Talamo, M.; A cie i, F.; Dimi i, A.; Schunck, C.H. A Blockchain based PKI Valida ion Sys em based on Ra e E en s Managemen .
Fu u e In e ne 2020,12, 40. [C ossRe ]
96.
Won, J.; Singla, A.; Be ino, E.; Bollella, G. Decen alized Public Key In as uc u e o In e ne -o -Things. In P oceedings o he
MILCOM 2018—2018 IEEE Mili a y Communica ions Con e ence (MILCOM), Los Angeles, CA, USA, 29–31 Oc obe 2018; pp.
907–913. [C ossRe ]
97. Singla, A.; Be ino, E. Blockchain-Based PKI Solu ions o IoT. In P oceedings o he 2018 IEEE 4 h In e na ional Con e ence on
Collabo a ion and In e ne Compu ing (CIC), Philadelphia, PA, USA, 18–20 Oc obe 2018; pp. 9–15. [C ossRe ]
98.
K ou y, E.; Khou y, D. Dis ibu ed Public Key In as uc u e and PSK Exchange Based on Blockchain Technology. In P oceedings
o he 2018 IEEE In e na ional Con e ence on In e ne o Things (iThings) and IEEE G een Compu ing and Communica ions
(G eenCom) and IEEE Cybe , Physical and Social Compu ing (CPSCom) and IEEE Sma Da a (Sma Da a), Hali ax, NS, Canada,
30 July–3 Augus 2018; pp. 1116–1120. [C ossRe ]
99.
El-Hajj, M.; Fadlallah, A.; Chamoun, M.; Se h ouchni, A. E he eum o Secu e Au hen ica ion o IoT using P e-Sha ed Keys
(PSKs). In P oceedings o he 2019 In e na ional Con e ence on Wi eless Ne wo ks and Mobile Communica ions (WINCOM),
Fez, Mo occo, 29 Oc obe –1 No embe 2019; pp. 1–7. [C ossRe ]
Senso s 2022,22, 2561 38 o 38
100.
Jiang, W.; Li, H.; Xu, G.; Wen, M.; Dong, G.; Lin, X. PTAS: P i acy-p ese ing Thin-clien Au hen ica ion Scheme in blockchain-
based PKI. Fu u e Gene . Compu . Sys . 2019,96, 185–195. [C ossRe ]
101.
Tesei, A.; Di Mau o, L.; Falci elli, M.; No o, S.; Pagano, P. IOTA-VPKI: A DLT-Based and Resou ce E icien Vehicula Public
Key In as uc u e. In P oceedings o he 2018 IEEE 88 h Vehicula Technology Con e ence (VTC-Fall), Chicago, IL, USA, 27–30
Augus 2018; pp. 1–6. [C ossRe ]
102. E he eum. A ailable online: h ps://e he eum.o g/en/ (accessed on 20 Feb ua y 2022).
103.
Al-Bassam, M. SCPKI: A Sma Con ac -Based PKI and Iden i y Sys em. In P oceedings o he ACM Wo kshop on Blockchain,
C yp ocu encies and Con ac s, BCC ’17, Abu Dhabi, Uni ed A ab Emi a es, 2 Ap il 2017; Associa ion o Compu ing Machine y:
New Yo k, NY, USA, 2017; pp. 35–40. [C ossRe ]
104.
Khodaei, M.; Jin, H.; Papadimi a os, P. SECMACE: Scalable and Robus Iden i y and C eden ial Managemen In as uc u e in
Vehicula Communica ion Sys ems. IEEE T ans. In ell. T ansp. Sys . 2018,19, 1430–1444. [C ossRe ]
105.
Raza, S.; Sei z, L.; Si enko , D.; Selande , G. S3K: Scalable Secu i y Wi h Symme ic Keys—DTLS Key Es ablishmen o he
In e ne o Things. IEEE T ans. Au om. Sci. Eng. 2016,13, 1270–1280. [C ossRe ]
