Accountable Bootstrapping Based on Attack Resilient Public Key Infrastructure and Secure Zero Touch Provisioning

Abstract

Internet Engineering Task Force (IETF) issued Secure Zero Touch Provisioning (SZTP) as a provisioning technique for networking devices without human intervention. SZTP standardizes the provisioning workflow from device enrollment to bootstrapping process. Unfortunately, implementing a single trust model of public key infrastructure scheme in zero-touch device provisioning is vulnerable to impersonation attacks using bogus certificates. This paper proposes a robust protocol for the bootstrapping process of edge devices by integrating the Attack Resilient Public Key Infrastructure (ARPKI) scheme with SZTP. As a transparent and accountable public key infrastructure, ARPKI can prevent the miss-issuance of a certificate. ARPKI offers strong security as certificate management for SZTP. We adopt the security properties of ARPKI to construct an accountable bootstrapping scheme of a zero-touch provisioned edge device against threats, e.g., impersonation, incurred by insiders compromised by adversaries. The edge device and bootstrap server can confidently build mutual authentication using the TLS 1.3 full handshake protocol together with the ARPKI-based certificates built upon a trusted public certificate log, which provides the accountability of the certificate. We analyze our scheme's security properties by performing formal and informal analyses. We show that the combination of ARPKI and SZTP can detect malicious entities and mitigate misbehaving activities. Our provisioning scheme provides accountable bootstrapping for edge devices in a zero-touch fashion with integrity and confidentiality of bootstrapping data.