Three Dependencies for Secure IoT Adoption - Part 2
The ECC cipher suites were first introduced in Transport Layer Security (TLS) version 1.0 and extended in versions 1.1 and 1.2. These TLS versions are supported by today’s modern operating systems like iOS, Android OS, Windows, Mac OS X and most Linux distributions.
Now that we see the advantages of ECC keys, how do we deliver them over the air to these things and devices? SCEP cannot be used any longer because it supports RSA-based keys only. The answer is Enrollment over Secure Transport (EST), which is defined in RFC 7030. EST mandates using HTTPS that can be protected by Suite B-compliant cipher suites in the TLS negotiation between the client and server.
In Part 3 of this blog series, I’ll discuss the migration from the IPv4 address space to IPv6. This is the third dependency for securing the Internet of Things and providing a baseline for successful adoption and implementation..