TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications

Transport Layer Security (TLS) has become the de facto standard for end-to-end security on the current Internet, and IoT and M2M scenarios are no exception, since TLS is being adopted there as well. The ability of TLS to negotiate any security parameter, together with its flexibility and extensibility, accounts for its wide adoption but has also been the source of several attacks. Moreover, because TLS relies on a public key infrastructure (PKI) for authentication, it inherits the problems of PKI. Given the advent of IoT/M2M scenarios and their particularities, a closer look at the history of TLS is needed to evaluate the challenges of using TLS and PKI in these settings. Accordingly, this paper provides an in-depth review of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions, in order to illustrate the problems that should be addressed.
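As an added illustration of the pinning technique the abstract refers to (example code written for this page, not code from the paper), the block below implements public-key pinning in the style of RFC 7469: a pin is the base64 of SHA-256 over the DER-encoded SubjectPublicKeyInfo (SPKI), and a chain is accepted when at least one of its SPKIs matches a configured pin. The key values, the SPKI shells around them and the pin directive strings are all constructed inline (Ed25519 SPKI encodings around fixed 32-byte values, not real keys) so the example runs offline with the standard library only. It also shows the two behaviours a practitioner most needs to see: a chain from a mis-issued certificate fails the pin check even though ordinary path validation would accept it, and a device that pins only its current leaf key is cut off by routine key rotation unless it also carries a backup pin. The pin check is assumed to run after, not instead of, normal certificate path validation.

```python
"""Public-key pinning check in the style of RFC 7469 (HPKP).

Added example, not code from the paper. All keys below are constructed
byte strings, not real keys; the SPKI encodings wrap them in the fixed
Ed25519 SubjectPublicKeyInfo DER prefix so no third-party library is needed.
Path validation of the chain is assumed to have already succeeded.
"""
import base64
import hashlib
from typing import Dict, Iterable, Set

# DER prefix of an Ed25519 SubjectPublicKeyInfo (RFC 8410):
# SEQUENCE { SEQUENCE { OID 1.3.101.112 }, BIT STRING (0 unused bits) }
_ED25519_SPKI_PREFIX = bytes.fromhex("302a300506032b6570032100")


def make_spki(raw_public_key: bytes) -> bytes:
    """Wrap a 32-byte Ed25519 public key value in its DER SPKI encoding."""
    if len(raw_public_key) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    return _ED25519_SPKI_PREFIX + raw_public_key


def spki_pin(spki_der: bytes) -> str:
    """pin-sha256 value: base64(SHA-256(SPKI DER)), as defined in RFC 7469."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def parse_pins(header_value: str) -> Set[str]:
    """Extract the pin-sha256 values from an HPKP-style directive string."""
    pins = set()
    for directive in header_value.split(";"):
        name, _, value = directive.strip().partition("=")
        if name.strip().lower() == "pin-sha256":
            pins.add(value.strip().strip('"'))
    return pins


def chain_matches_pins(chain_spkis: Iterable[bytes], pins: Set[str]) -> bool:
    """Accept the chain when any SPKI in it (leaf or intermediate) matches a pin."""
    return any(spki_pin(spki) in pins for spki in chain_spkis)


# Constructed key values (not real keys): the server's current leaf key, the
# intermediate CA key, the server's next leaf key after rotation, and a
# leaf/CA pair standing in for a mis-issued certificate from another CA.
LEAF_KEY_V1 = bytes(range(0, 32))
INTERMEDIATE_KEY = bytes(range(32, 64))
LEAF_KEY_V2 = bytes(range(64, 96))
ROGUE_LEAF_KEY = bytes(range(96, 128))
ROGUE_CA_KEY = bytes(range(128, 160))

CHAIN_BEFORE_ROTATION = [make_spki(LEAF_KEY_V1), make_spki(INTERMEDIATE_KEY)]
CHAIN_AFTER_ROTATION = [make_spki(LEAF_KEY_V2), make_spki(INTERMEDIATE_KEY)]
CHAIN_FROM_ROGUE_CA = [make_spki(ROGUE_LEAF_KEY), make_spki(ROGUE_CA_KEY)]


def pinning_outcomes() -> Dict[str, bool]:
    """Compare a leaf-only pin set with one that also carries a backup pin.

    The leaf-only device is bricked by routine key rotation; the device with
    a backup pin survives it; both reject a chain from a different CA.
    """
    leaf_only = parse_pins(
        f'pin-sha256="{spki_pin(make_spki(LEAF_KEY_V1))}"; max-age=5184000'
    )
    with_backup = parse_pins(
        f'pin-sha256="{spki_pin(make_spki(LEAF_KEY_V1))}"; '
        f'pin-sha256="{spki_pin(make_spki(LEAF_KEY_V2))}"; max-age=5184000'
    )
    return {
        "leaf_only_before_rotation": chain_matches_pins(CHAIN_BEFORE_ROTATION, leaf_only),
        "leaf_only_after_rotation": chain_matches_pins(CHAIN_AFTER_ROTATION, leaf_only),
        "backup_before_rotation": chain_matches_pins(CHAIN_BEFORE_ROTATION, with_backup),
        "backup_after_rotation": chain_matches_pins(CHAIN_AFTER_ROTATION, with_backup),
        "mis_issued_chain": chain_matches_pins(CHAIN_FROM_ROGUE_CA, with_backup),
    }


if __name__ == "__main__":
    for name, accepted in pinning_outcomes().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The design point for constrained devices is in the last function: because the pin set must be provisioned before the key it protects is ever used, a device that can only be updated over the pinned channel must ship with a backup pin (or pin an intermediate or root SPKI) or it loses connectivity at the first key rotation, exactly the operational trap that makes pinning harder in IoT/M2M deployments than in browsers.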
