Computing Reviews

Fog computing for the Internet of Things: security and privacy issues
Alrawais A., Alhothaily A., Hu C., Cheng X. IEEE Internet Computing 21(2): 34-42, 2017. Type: Article
Date Reviewed: 09/07/17

Connecting everything to the Internet is attractive because it can bring efficiency and convenience in many areas. However, security and privacy issues can also occur. The problem is that it is difficult to apply existing security and privacy solutions to the Internet of Things (IoT) because typical IoT devices are resource constrained. This paper focuses on several security and privacy challenges in the IoT and proposes an efficient scheme for certificate revocation.

Certificate revocation management is essential in maintaining a public-key-based security and authentication system. However, a node needs to have sufficient storage and network bandwidth to keep a valid certificate revocation list (CRL). The idea of this paper is that an IoT device can offload the burden of CRL maintenance to a fog node that is assumed to have sufficient resources. To reduce the communication overhead between the fog and the IoT device, this paper proposes using a Bloom filter, at the cost of false positives. To prevent invalidation of a certificate due to a false positive, the IoT device asks the fog to double-check whether a given certificate is in the CRL. In the paper, the online certificate status protocol (OCSP) is also introduced for real-time validation checks with low network bandwidth consumption.
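The check described above, sketched as an added example (not code from the paper or from this review): the fog publishes a Bloom filter of revoked serials, and the device queries the fog only when the filter reports a hit. The class and function names, the SHA-256 double-hashing scheme, the 1% false-positive target, and the serial values are all assumptions made for illustration.

```python
import hashlib
import math

class BloomFilter:
    """Set summary with no false negatives and a tunable false-positive rate."""
    def __init__(self, n_items, fp_rate):
        # Standard sizing: m = -n*ln(p)/(ln 2)^2 bits, k = (m/n)*ln 2 hashes
        self.m = math.ceil(-n_items * math.log(fp_rate) / math.log(2) ** 2)
        self.k = max(1, round(self.m / n_items * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, item):
        # Assumed hash scheme: double hashing from one SHA-256 digest
        d = hashlib.sha256(item).digest()
        h1, h2 = int.from_bytes(d[:8], "big"), int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, item):
        for p in self._positions(item):
            self.bits[p // 8] |= 1 << (p % 8)

    def __contains__(self, item):
        return all(self.bits[p // 8] >> (p % 8) & 1 for p in self._positions(item))

class FogNode:
    """Keeps the full CRL and publishes a Bloom filter built from it."""
    def __init__(self, revoked_serials, fp_rate=0.01):
        self.crl = set(revoked_serials)
        self.bloom = BloomFilter(len(self.crl), fp_rate)
        for serial in self.crl:
            self.bloom.add(serial)

    def confirm_revoked(self, serial):
        return serial in self.crl  # lookup against the full list

def device_check(serial, bloom, fog):
    """Device-side check; returns (revoked, asked_fog)."""
    if serial not in bloom:
        return False, False  # filter miss: certainly not on the CRL
    return fog.confirm_revoked(serial), True  # hit: may be a false positive

def run_demo(n_revoked=2000, n_valid=20000):
    fog = FogNode(b"revoked-%d" % i for i in range(n_revoked))  # constructed serials
    valid = [device_check(b"valid-%d" % i, fog.bloom, fog) for i in range(n_valid)]
    revoked = [device_check(b"revoked-%d" % i, fog.bloom, fog) for i in range(n_revoked)]
    return {"filter_bytes": len(fog.bloom.bits),
            "fog_queries_for_valid": sum(asked for _, asked in valid),
            "valid_rejected": sum(r for r, _ in valid),
            "revoked_missed": sum(not r for r, _ in revoked)}
```

In this sketch neither the filter nor the fog's confirmation is authenticated, so the device trusts the fog for both.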

Although the paper states that the Bloom filter reduces the communication overhead between the fog and the IoT device compared to the existing CRL and OCSP, there are some unclear points. First, while the estimated CRL size includes the certificate authority’s (CA’s) signature as well as a list of revocations, the Bloom filter of the proposed scheme does not include the CA’s signature. Second, the fog needs to continuously receive a fresh CRL and generate a Bloom filter for the freshest CRL, and the IoT device needs to continuously get the freshest Bloom filter. This load is not counted in the observational results. Third, the Bloom filter includes only the local IoT devices’ certificates. What if the IoT device connects to an outside node? How can an IoT device determine whether a certificate is valid if that certificate was not used in generating the Bloom filter because it belongs to a new device?

It is reasonable to expect a fog to play a fundamental role in addressing security and privacy concerns. However, a fog is less trustworthy compared to a cloud that is maintained in a data center. Thus, a solution depending on a fog should be carefully designed so that the solution is not vulnerable to fog hacking and does not add additional security-checking burdens to the IoT devices.

Reviewer:  Seon Yeong Han Review #: CR145527 (1711-0732)
