Understanding IoT device authentication

Enterprises are adopting IoT technologies in their digital transformation journey. Simultaneously, consumers are using more home IoT devices than ever before. Both trends require safe IoT devices that consumers and businesses can trust to collect data on their behalf. This article explains IoT device authentication, which is a crucial component of secure IoT.

While there is considerable diversity within IoT devices, essentially, each IoT device instance has metadata and a unique identity. The metadata contains information about a device such as a device identifier, hardware serial number, date manufactured, etc.

A unique device identity prevents network enrollment of counterfeit IoT devices. An IoT device instance proves its unique identity to a server through authentication. Three standard authentication methods are

• Password based authentication typically uses a default password for all IOT devices in the product family. Just in case a user forgets, (s)he can find these default passwords on internet. However hackers can also easily exploit this information and hack the IOT device. To reduce this risk, a recent government regulation requires device manufacturers to set unique passwords.
• Symmetric key authentication requires establishing a shared secret key between the device and the cloud. e.g. see this link. This means that the symmetric key must be protected at two places.
• Certificate based authentication is the use of digital certificate to identify an IoT device. A certificate is a signed data structure that binds IoT device identity to its public key. This authentication scheme relies on asymmetric cryptography to generate device private-public key pair.

X.509 is the most widely used public certificate today. The certificate contains information about the device, certificate lifespan, and a signature from Certificate Authority (CA). The digital signature typically use RSA or ECDSA. The CA signs the certificate with its private key.

Generation of X.509 Digital certificate

CA is an essential component in Public Key Infrastructure (PKI). The other key elements are Registration Authority (RA), Validation authority(VA) and a certificate database. PKI employs these components and policies to generate, distribute, use, revoke and store digital certificates.

There is a four-step process in creating a new IoT device identity. The process of installing private key and X.509 Certificate in the IoT device is called provisioning.

Scaling PKI for IoT devices

PKI vendors must scale their infrastructure to manage IoT certificate volume and throughput needs. E.g., the GlobalSign PKI solution can issue thousands of certificates per second. PKI vendors must build an automated process for requesting, generating, and validating certificates. Both the CA and IoT device sides must support enrollment protocols such as SCEP (Simple Certificate Enrollment Protocol) or EST (Enrollment over Secure Transport).

Provisioning during the supply chain

Typically, a raw security chip is provisioned for the first time in the foundry or OSAT (Outsourced Assembly and Test). As the chip private key and certificate forms a unique identity, it’s also referred as a birth certificate. The chip is subsequently passed to the next vendor in the supply chain. This vendor uses the on chip digital certificate and CA public key to authenticate chip identity. If the authentication passes, the vendor will perform subsequent value addition steps on the genuine chips. The vendor may also provision a new vendor specific certificate to the chip.

IoT device authentication takes place at TLS layer

After the IoT device has been provisioned, it can run client certification authentication at the TLS (Transport layer security) to authenticate itself to the server.

TLS is an Internet Engineering Task Force (IETF) standard that enables the client/server applications to communicate over the internet securely. TLS offers authentication, encryption, and data integrity to the client-server applications.

TLS has two phases: handshake (performs a key exchange to derive a secret key) and a record protocol (to bulk encrypt/decrypt the message between IoT device and server).

In step one, Client sends a hello message to the server. It includes a client TLS version, a list of cipher suites, a 32-byte random number, a session ID, and compression method options. A cipher suite consists of a cryptographic algorithm for each task: key exchange, digital signature algorithm, data encryption, and message authentication. Next, the server sends a hello message to Client and confirms the cipher suite, TLS version from the mutually supported choices. It also sends a 32-byte random number to the Client. The client and server random numbers are used to generate an encryption key.

TLS Handshake protocol

The server also sends its X.509 certificate chain to the client and a Server Hello Done message. The client uses this server certificate to authenticate the server. In step 4 , Server sends a client certificate request to the device. Subsequently, the IoT device sends its X.509 certificate chain to server to perform device authentication.

Conclusion

This article explained the various aspects of IoT authentication using X.509 certificates. All major PKI vendors DigiCert, GlobalSign, Intertrust offer PKI for IoT devices. Further all the major IoT platforms AWS IoT core, Azure IoT hub can perform certificate based authentication prior to onboarding of IoT devices.