Zero-Knowledge Registration of PKI Authentication for Symbiotic Security in FIDO IoT - Scientific paper

Abstract

In this paper, we critically discourse on the current Fast IDentity Online specification, its underlying security layer and the resulting misconceptions or even weaknesses. We juxtapose the presented view against some of the fundamental and long-standing public key infrastructure problems such as the initial enrolment of identities and their keys (e.g., X.509v3 certificates). We then observe a novel approach of zero-knowledge initial enrolment of resource-constrained Internet of Things devices and investigate how its idea of symbiotic security, i.e., a consistent and consolidated cooperative design which involves all architectural building blocks such as software, hardware, networks, and processes, can contribute to the new Fast IDentity Online Internet of Things specification in the making. Finally, we suggest by way of an outlook or future work how this already modular security-by-design mindset can be further enhanced through a dynamic management system to keep cryptographic keys in volatile memory only. The idea is also based on a symbiotic connection between hardware and software to create a number of added benefits from the security perspective.

Read Full Article