LightCert: On designing a lighter certificate for resource‐limited Internet‐of‐Things devices

Abstract

AbstractInternet‐of‐Things (IoT) devices are typically resource constrained in terms of computing capabilities and battery power. Despite the efforts from the Internet Engineering Task Force (IETF) to established standards for IoT such as IPv6 over low‐power wireless personal area networks (6LoWPAN), routing protocol for low‐power lossy networks (RPL), and constrained application protocol (CoAP), certificate‐based Internet security protocols have not been fully addressed yet.We see the main cause of this being the size of the X.509‐based Internet certificates. Typically being 1 to 2 kB, the large size of these certificates can cause IEEE 802.15.4‐based IoT nodes to fragment the certificate into many smaller packet‐size chunks, which causes many packet transmissions to occur in the network. This work presents LightCert, a lightweight scheme to compress the size of the security certificates using the similarity of contents in X.509 certificates. Specifically, LightCert identifies common fields in a certificate and suppresses the transmission of these contents within the IoT subnet scope. This allows LightCert nodes to minimize the packet transmission overhead for supporting certificate‐based security mechanisms such as datagram transport layer security (DTLS), by as much as ∼37%. The added overhead of exchanging certificates when using LightCert is kept low to as much as ∼5 mJ of energy and ∼0.48 seconds of latency.