It depends upon the implementation environment and need.

Based on that you can share the keys. and as you said it's resource constrained environment, you have to go with symmetric key.

for more information,

reach me via

email :- [email protected]

whatsapp :- +918200713617

Dear @krunalkumar shah,

Thank you for your reply. I appreciate your help.

In fact, I am looking for key management and exchange solution proposed in particular for 6LoWPAN networks.

Cordially,

Dear Roumaissa,

for my PhD, I am proposing a "trusted architecture" for cloud/fog-based IoT applications. "Trusted" because it relies on Trusted Execution Environments (TEEs) - e.g. SGX or Trustzone - for 2 of its main components. One of these components that must run on a TEE is the Key Vault, responsible for keys generation, distribution and storage. You can take a look at the following paper, which presents myproposal: Conference Paper Achieving Data Dissemination with Security using FIWARE and ...

For now, I am working with a formal validation of this proposal, using a Coloured Petri Net model and performing Model Checking to verify some security properties. If you think I can help with something, feel free to contact me.

Best regards.

Securing Private Keys for IoT Deployments

Key management involves creating, renewing, accounting for, and managing private keys. Key management is a critical part of device security. Lost keys may compromise security. Expired certificates and keys may shut down device communications because once a certificate expires the key can no longer be used to create a secure connection. The first step to key management is deciding how to store the keys: hosted and managed by a public CA or on-premise and managed by the organization.

Leave the public key storage to us. As a publicly trusted CA, DigiCert is required to meet industry standards for private key storage. This means private keys should be stored on a FIPS 140-2 compliant device, such as an HSM.

DigiCert partners with the leading HSM manufacturers on strategic projects within the security industry. We aid in the planning and deployment of certificates and storage of their private key on HSMs. If interested, we can provide the pros and cons of having private keys stored and managed by DigiCert or stored on-premise and managed by the organization.

End-to-End Encryption

Securing Private Keys for IoT Deployments

Key management involves creating, renewing, accounting for, and managing private keys. Key management is a critical part of device security. Lost keys may compromise security. Expired certificates and keys may shut down device communications because once a certificate expires the key can no longer be used to create a secure connection.

For more details you may refer https://www.digicert.com/internet-of-things/key-management.htm

All the best!!!!

The key management issues in IoT include security, trust, and performance.