Title: A Distributed Public Key Infrastructure for the IoT
Author: Hoogland, Mathijs (TU Delft Electrical Engineering, Mathematics and Computer Science)
Contributor: Erkin, Zekeriya (mentor)
Degree granting institution: Delft University of Technology
Programme: Computer Science | Data Science and Technology
Date: 2018-07-06

Abstract

The role of Internet of Things (IoT) devices is becoming larger in our day-to-day life. More and more, devices are used to help with simple tasks in our lives. Little computers are installed in a large variety of consumer products and are often connected to the internet. The large increase of these “resource-constrained” devices that are connected to the internet results in security challenges. Communication between IoT devices often occurs through asymmetric key encryption where keys are distributed through a Public Key Infrastructure (PKI). Traditional PKIs have a number of downsides: they have a single point of failure, provide a difficult revocation scheme and lack transparency. The emergence of Blockchain technology has provided a new direction for the research on PKIs, solving certain downsides of traditional PKI systems.

In this thesis, we present DEcentralized Key INfrastructure (DECKIN). Our solution addresses scalability, key management for recovery and revocation, and verification of the identity that is being registered in a fully decentralized context. We do this by building an infrastructure on top of blockchain technology. The system uses cryptographic accumulators to enable resource-constrained devices to look up whether certain identity-key values are correctly registered within the system without requiring these devices to traverse the entire blockchain. Our system also contains an identity validation protocol.
This protocol is executed by each device that wants to register its identity in our system and requires the node to successfully interact with other nodes in the network for the duration of a block creation. When a node successfully conducts this interaction, his identity will be confirmed and the registration will be completed. Participants can now look up his key in the system. Lastly, we use Physical Unclonable Function (PUF) technology to handle key-management challenges in our system. PUF technology uses hardware-specific features to create a digital fingerprint for each device. This technique enables devices to recover their secret key without requiring them to store anything locally.

Subject: cryptography, pki, security
To reference this document use: http://resolver.tudelft.nl/uuid:d028fa67-3040-4ab2-96fb-b859e77be8ae
Part of collection: Student theses
Document type: master thesis
Rights: © 2018 Mathijs Hoogland
Files: Thesis_Mathijs_Hoogland.pdf (PDF, 4.43 MB)