Blockchain-based Automated Certificate Revocation for 5G IoT

Internet of Things (IoT) is a key topic of interest in modern communication context with the evolution of 5G and beyond ecosystems. 5G will interconnects billions of IoT devices wirelessly. The wireless communication exposes the devices to massive security risks in different dimensions. The Public Key Infrastructure (PKI) is one of the promising solutions to eliminate security risks. It ensures the authentication and communication integrity by using public key certificates. However, the overhead of certificate storage is a significant problem for the resource constrained IoT devices. We propose an application of Elliptic Curve Qu Vanstone (ECQV) certificates, which are lightweight in size for the resource restricted IoT devices. Furthermore, we incorporate the blockchain based smart contracts to handle the certificate related operations. We utilize the smart contracts in the certificate issuance and developed a smart contract based threat scoring mechanism to automatically revoke the certificates. The lightweight nature of ECQV certificates enables the distributed ledger to store, update, and revoke the certificates. We evaluated the proposed solution in Hyperledger Fabric blockchain platform.