DeepAI AI Chat
Log In Sign Up

V'CER: Efficient Certificate Validation in Constrained Networks

by   David Koisser, et al.
University of California, Irvine
Technische Universität Darmstadt

We address the challenging problem of efficient trust establishment in constrained networks, i.e., networks that are composed of a large and dynamic set of (possibly heterogeneous) devices with limited bandwidth, connectivity, storage, and computational capabilities. Constrained networks are an integral part of many emerging application domains, from IoT meshes to satellite networks. A particularly difficult challenge is how to enforce timely revocation of compromised or faulty devices. Unfortunately, current solutions and techniques cannot cope with idiosyncrasies of constrained networks, since they mandate frequent real-time communication with centralized entities, storage and maintenance of large amounts of revocation information, and incur considerable bandwidth overhead. To address the shortcomings of existing solutions, we design V'CER, a secure and efficient scheme for certificate validation that augments and benefits a PKI for constrained networks. V'CER utilizes unique features of Sparse Merkle Trees (SMTs) to perform lightweight revocation checks, while enabling collaborative operations among devices to keep them up-to-date when connectivity to external authorities is limited. V'CER can complement any PKI scheme to increase its flexibility and applicability, while ensuring fast dissemination of validation information independent of the network routing or topology. V'CER requires under 3KB storage per node covering 106 certificates. We developed and deployed a prototype of V'CER on an in-orbit satellite and our large-scale simulations demonstrate that V'CER decreases the number of requests for updates from external authorities by over 93 intermittently connected.


page 1

page 2

page 3

page 4


ZIRCON: Zero-watermarking-based approach for data integrity and secure provenance in IoT networks

The Internet of Things (IoT) is integrating the Internet and smart devic...

BLEND: Efficient and blended IoT data storage and communication with application layer security

Many IoT use cases demand both secure storage and secure communication. ...

Security of RPL Based 6LoWPAN Networks in the Internet of Things: A Review

Internet of Things (IoT) is one of the fastest emerging networking parad...

Efficient Online Classification and Tracking on Resource-constrained IoT Devices

Timely processing has been increasingly required on smart IoT devices, w...

Secure IoT Routing: Selective Forwarding Attacks and Trust-based Defenses in RPL Network

IPv6 Routing Protocol for Low Power and Lossy Networks (RPL) is an essen...

Transparent Recovery of Dynamic States on Constrained Nodes through Deep Packet Inspection

Many IoT applications make extensive use of constrained devices which ar...