TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications

Daniel Diaz-Sanchez, Andres Marin-Lopez, Florina Almenarez, Patricia Arias, R. Simon Sherratt
2019 IEEE Communications Surveys and Tutorials  
Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the ... t of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.

Index Terms: Transport layer security, DTLS, public key infrastructure, trusted third party, certificate pinning, Internet of Things, machine to machine.
doi:10.1109/comst.2019.2914453 fatcat:lwwk7pbogfeidhc4t6wth5gvne