When Blockchain Makes Ephemeral Keys Authentic: a Novel Key Agreement Mechanism in the IoT World

Conventional Key Management Protocols establish secure communication channels by using asymmetric cryptography based on “fixed“ public keys. In the Internet of Things context, it is preferable to have a good level of freshness of the cryptographic material. But efficient solutions leveraging “ephemeral“ public keys are not available yet. The work presented herein solves this problem by conceiving a novel key agreement methodology integrating the Blockchain technology. Specifically, Blockchain is used to store X.509 certificates related to the initial fixed public keys of devices, to publish new ephemeral public keys, and to help the verification of the authenticity of ephemeral public keys without sending signatures and additional X.509 certificates. A preliminary comparison against Transport Layer Security protocol and other customized key agreement schema presented in the literature demonstrates that the proposed approach registers low communication overhead, limited energy consumptions, and acceptable communication latencies while ensuring the lowest memory footprint.