A low-overhead approach for self-sovereign identity in IoT

TL;DR

This paper introduces a low-overhead, decentralized identity mechanism for IoT devices in constrained networks, enabling secure communication using DIDs with reduced metadata size and security overhead.

Contribution

It proposes a novel extension to DIDs and a concise serialization method, along with a binary message envelope, to improve identity management in IoT networks.

Findings

Metadata size reduced by nearly four times

Security overhead decreased by up to five times

Both techniques are essential for operation in constrained networks

Abstract

We present a low-overhead mechanism for self-sovereign identification and communication of IoT agents in constrained networks. Our main contribution is to enable native use of Decentralized Identifiers (DIDs) and DID-based secure communication on constrained networks, whereas previous works either did not consider the issue or relied on proxy-based architectures. We propose a new extension to DIDs along with a more concise serialization method for DID metadata. Moreover, in order to reduce the security overhead over transmitted messages, we adopted a binary message envelope. We implemented these proposals within the context of Swarm Computing, an approach for decentralized IoT. Results showed that our proposal reduces the size of identity metadata in almost four times and security overhead up to five times. We observed that both techniques are required to enable operation on constrained networks.