RT Journal Article
T1 TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications
A1 Díaz Sánchez, Daniel
A1 Marín López, Andrés
A1 Almenares Mendoza, Florina
A1 Arias Cabarcos, Patricia
A1 Sherratt, R. Simon
AB Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.
PB IEEE
SN 1553-877X
YR 2019
FD 2019-11
LK https://hdl.handle.net/10016/37270
UL https://hdl.handle.net/10016/37270
LA eng
NO Artículo de acceso abierto (OA). En la plataforma consta como OA, pero el fichero del artículo tiene, erróneamente, copyright de IEEE.
NO This work was supported in part by Project MAGOS under Grant TEC2017-84197-C4-1-R, in part by Project INRISCO under Grant TEC2014-54335-C4-2-R, and in part by the Comunidad de Madrid (Spain) through the Project CYNAMON cofinanced by European Structural Funds (ESF and FEDER) and the Alexander von Humboldt Post-Doctoral Program under Grant P2018/TCS-4566.
DS e-Archivo
RD 1 sept. 2024