EST over CoAP Explained

Device authentication is the critical security requirement for the Internet of Things (IoT). Unlike the classic web where authentication of users is usually not needed, IoT devices are actually attached to physical equipment, whose operation may be changed as the result of communication. This poses a great risk for actual security of equipment and consequently for the human environment as well. For example, if a fire detector is maliciously switched off, a hypothetical fire won’t be discovered as quickly as it should be and will be more difficult to combat. This calls for a mutual authentication of a device and a server. Essentially, there are two ways of providing mutual authentication, either by using pre-shared keys (PSK) or by certificates. In this blogpost, we focus on enrollment over secure transport (EST), a robust and scalable mechanism for device certificate management.

What is EST?

EST is a certificate management protocol enabling users to retrieve Certificate Authority (CA) certificates, enroll them on a client and renew them if needed. In the public key infrastructure, the EST Server can be considered as a Registration Authority (RA) which receives certificate signing requests (CSRs) and forwards them to a CA, where CA itself is embedded inside the EST Server or is an external service.

Apart from the three basic functionalities, the EST server may also implement optionally: full Certificate Management over CMS (CMC) enrollment, server-side key generation and listing CSR attributes. Originally, the enrollment over secure transport protocol was designed for clients using HTTP over TLS (HTTPs) but it can be also implemented with CoAP to provide those functionalities to resource-constrained devices.

Enrollment over secure transport with HTTPs

The EST server provides functions via URI-defined HTTP endpoints with .well-known/est prefix. The client and server communicate over the secure channel (i.e., mutually authenticated and encrypted).

Obtaining CA certificates is done by posting a GET request on /cacerts. The provided CA certificates are used by the client to verify signatures of objects returned by the CA. 

From the client perspective, the most important functions provided by the EST server is client enrollment. By performing a POST on the /simpleenroll endpoint, the client requests a certificate by providing the certificate signing request (CSR). It can be renewed/rekeyed by sending a similar POST request on the /simplereenroll endpoint.

A CSR provided by the client may require the presence of specific attributes based on the CA policy. Therefore, some EST servers implement the /csrattrs endpoint which returns attributes required by the CA.

The EST server may also provide server-side key generation function. The client requests a private key, certificate pair from the server using a POST on the /serverkeygen endpoint. This is useful when the client lacks resources for key pair generation. However, it must be noted that this is not the ideal method from the device security perspective, as a private key can be leaked if the EST server is compromised.

Enrollment over secure transport with CoAP

As many low-resource IoT devices use CoAP instead of HTTP, a need arose to implement the enrollment over secure transport for such a kind of communication. This implementation mainly focuses on lowering the amount of data transfer, which results in energy savings, as radio is enabled for a shorter period of time. These are the main differences of EST over CoAP:

• DTLS is used instead of TLS,
• response content is in a binary format,
• URIs are shortened, e.g. /cacerts --> /crts,
• resource-consuming function – full CMC request is not supported for CoAP as client-side computations would be too heavy and the transferred data may be too large,
• each function requires the client to be authenticated via a certificate,
• the server may respond with delayed responses using the empty ACK code 0.00 before sending the certificate to the client.

The Coiote IoT Device Management (DM) platform is a case of HTTPS-CoAPS Registrar, not purely a CoAP server. Registrar is an agent between the CoAP client and the actual HTTP EST Server. It handles incoming CoAP requests, translates them into HTTP and handles communication with an external EST HTTP server.

EST in Lightweight M2M – Coiote IoT Device Management case 

The main use of the enrollment over secure transport protocol in LwM2M is a security mode called the Certificate mode with EST. It is configured during the bootstrap phase on IoT devices. When using EST, a private key is generated on the device so it never leaves it, and in addition, the certificate can be refreshed by the IoT device periodically – these features increase security. A typical scenario concerns the device sending the LwM2M Bootstrap request to the bootstrap server. If during bootstrap the EST certificate mode is enabled, then the device sends a CoAP request on the /sen (simple enroll) endpoint to obtain a certificate which is then used to connect to the Management server in the Certificate mode. If the certificate is going to expire shortly, then the device can use the /sren (simple reenroll) endpoint to renew its certificate. The diagram below shows an example scenario in which the device is requesting a Bootstrap Request to the Coiote IoT Device Management and after bootstrap, it uses the EST endpoint to retrieve the certificate which is then used to register on the Management server.

Summary

As the number of IoT devices grows, so does the importance of device security and device authentication. The more devices there are, the more difficult it is to keep them secure. Enrollment over secure transport is a great mechanism that simplifies handling device certificates for large-scale implementation for everyday users. By providing full support for EST, Coiote IoT DM platform makes it more secure as well as faster and easier for ops teams to manage certificates on devices. Watch our webinar on security, to learn more about EST.