The Public Key Infrastructure (PKI) serves as the foundation for online security, particularly within the realm of the Internet of Things (IoT). It operates based on certified public keys that remain permanent but can be revoked when necessary, such as in the case of a change in ownership, compromise of the private key, or malicious activities. Although this method ensures secure key utilization with traceability, it also introduces a potential privacy risk due to the traceability and utilization of identity-based certificates.

This approach is considered an innovative strategy for ensuring user confidentiality, integrity, authentication, and privacy in the context of the Internet of Things. The proposed solution integrates elliptic curves (ECDH) and traditional PKI to safeguard user privacy. It introduces two types of elliptic curve keys: long-term identity-based certified keys and dynamically generated temporary anonymous aliases. These aliases are seamlessly recorded by the certification authority, which maintains distinct directories for long-term and temporary keys. This dual-key approach enhances security while addressing the specific requirements of the Internet of Things.

IoT; Pseudonym; PKI; Authentication; Privacy; Security

Leila Benarous and Benamar Kadri, “ The quest of privacy in public key infrastructure,” International Journal of Blockchains and Cryptocurrencies, Vol. 2, No. 3, 2021.

Zahera DIB, imadeddine RAHMOUNI, Souici KHOUDIR, Walid DIB, “ Application of the internet of things in the traceability of a supply chain,” Academic Journal of Manufacturing Engineering, 2023.

S. Pundir, M. Wazid, D. P. Singh, A. K. Das, J. J. P. C. Rodrigues and Y. Park, "Intrusion Detection Protocols in Wireless Sensor Networks Integrated to Internet of Things Deployment: Survey and Future Challenges," in IEEE Access, vol. 8, pp. 3343-3363, 2020, doi: 10.1109/ACCESS.2019.2962829.

Ahmed, A.A.; Malebary, S.J.; Ali, W.; Alzahrani, A.A, “A Provable Secure Cybersecurity Mechanism Based on Combination of Lightweight Cryptography and Authentication for Internet of Things,” Mathematics, 2023, 11, 220. https://doi.org/10.3390/math11010220

Ahmed, A.A.; Ahmed, W.A, “An Effective Multifactor Authentication Mechanism Based on Combiners of Hash Function over Internet of Things,” Sensors, 2019, 19, 366

Kadri, Benamar & Feham, Mohammed & M'Hamed, Abdallah, “Lightweight PKI for WSNs uPKI,” International Journal of Network Security. 10, 2010.

C. Adams and S. Farrell, “ RFC2510: Internet X.509 Public Key Infrastructure Certificate Management Protocols,” RFC Editor, USA, 1999.

EllisonC. et al, “Ten risks of PKI: What you’re not being told about public key infrastructure,” Comput. Secur. J. (2000).

Zhu J, Wan C, Nie P, Chen Y, Su Z, “Guided, Deep Testing of X. 509 Certificate Validation via Coverage Transfer Graphs,” In: IEEE. ; 2020: 243–254.

Lei, A., Cruickshank, H.S., Cao, Y., Asuquo, P.M., Ogah, C.P., & Sun, Z, “ Blockchain-Based Dynamic Key Management for Heterogeneous Intelligent Transportation Systems,” IEEE Internet of Things Journal, 4, 1832-1843, 2017.

Shi J, Zeng X, Han R, “A Blockchain-Based Decentralized Public Key Infrastructure for Information-Centric Networks,” Information. 2022; 13(5):264. https://doi.org/10.3390/info13050264

Patel M, “The security and privacy of wearable health and fitness Devices,” 2016. https://securityintelligence.com/the-security-and-privacy-of-wearable-health-and-fitness-devices. Accessed on October.

Sabrina Sicari, Alessandra Rizzardi, Luigi Alfredo Grieco, and Alberto Coen-Porisini, “Security, privacy and trust in internet of things : The road ahead,” Computer Networks, 76 :146– 164, 2015.

Yuchen Yang, Longfei Wu, Guisheng Yin, Lijie Li, and Hongbin Zhao, “A survey on security and privacy issues in internet-of-things,” IEEE Internet of Things Journal, 4(5) :1250–1258, 2017.

Jie Lin, Wei Yu, Nan Zhang, Xinyu Yang, Hanlin Zhang, and Wei Zhao, “A survey on internet of things : Architecture, enabling technologies, security and privacy, and applications,” IEEE Internet of Things Journal, 4(5) :1125–1142, 2017.

https://www.certeurope.fr/blog/quest-ce-quune-pki-ou-infrastructure-a-cles-publiques/

Koblitz, N, “Elliptic curve cryptosystems,” Mathematics of Computation, 48(177), 203-209, 1987.

Victor S Miller, “Use of elliptic curves in cryptography,” In Lecture Notes in Computer Sciences, on Advances in cryptology—CRYPTO 85, Springer-Verlag, New York, NY, USA, 1986, 218, 417–426.

Rafik, M. B. O. & Mohammed, F. (2013), "The impact of ECC’s scalar multiplication on wireless sensor network, " 2013 11th International Symposium on Programming and Systems (ISPS), Algiers, Algeria, 2013, 17-23. doi:10.1109/ISPS.2013.6581488

https://www.educative.io/answers/what-is-the-elliptic-curve-diffie-hellman-algorithm