Abstract
The certificate authority, a trusted entity, issues digital certificates that contain identity credentials, which help Industrial Internet of Things (IIoT) devices prove their authenticity in a secure manner. The crucial challenge for digital certificates is how to design a secure certification authority management system that can counteract cyberattacks on the IIoT network. Moreover, current IIoT systems are not capable of implementing complex mathematical operations due to their constrained power capacity and processing capability. This paper proposes an effective, secure symmetric cryptographic mechanism (ESSC) based on certificate authority management and Elliptic Curve Diffie Hellman (ECDH) to share a digital certificate among IIoT devices. The proposed certificate authority is used to securely exchange the shared secret key and to resolve the problem of spoofing attacks that may be used to impersonate the identity of the certificate authority. ESSC also uses the shared secret key to encrypt sensitive data during transmission through the insecure communication channel. This research studies the adversary model for ESSC on IIoT and analyzes the cybersecurity of ESSC in the random oracle model. The experimental findings show that ESSC outperforms the baseline in terms of communication, computation, and storage costs. ESSC thus provides an adequate lightweight digital certificate management and cryptographic scheme which can help in the detection and prevention of several cyberattacks that can harm IIoT networks.
Highlights
Elliptic Curve Diffie Hellman (ECDH) is used to provide secure digital certificate management and symmetric cryptographic schemes for the Industrial Internet of Things (IIoT), and it solves the problem of verifying the true identity of the sender
The threat model has been defined, and the cybersecurity analysis shows that ESSC has been proven secure against chosen-plaintext attack (CPA), chosen-ciphertext attack (CCA), and related-key attack (RKA)
Performance in terms of storage, communication and computation costs is compared with the standard baseline digital certificate and cryptographic mechanisms
Summary
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
In IIoT, a digital certificate is used to associate an object’s (a sensor, actuator, or user) identity with a public key using the digital signature of a trusted third party. The trusted third party has the capability to verify the owner’s identity and associate the owner’s public key with a digital certificate. If the signature was signed by the IIoT gateway, it can be safely assumed that the public key contained in the digital certificate is from the legitimate IIoT user. The general duty of the CAC is to associate IIoT device identities with a public key and digitally sign the sensitive information using its private key. The developer of a cybersecurity mechanism on an IIoT platform should design lightweight and efficacious mechanisms to prevent the disclosure of sensitive information to unauthorized attackers and to verify access to the IIoT services [11,12].