Identity-based protocol design patterns for machine-to-machine secure channels

In the classical design pattern for secure channel protocols, there is a first phase where the endpoints establish a shared secret and one or both endpoints authenticate by presenting a certificate and demonstrating knowledge of the associated private key; and a second phase where application data traffic between the endpoints is protected using symmetric keys for encryption and authentication derived from the shared secret. This classical pattern emerged in the nineties, when most secure channels were intended for human-to-machine (H2M) communications and the latency caused by roundtrips and transmission of bulky certificate chains resulted in no more than inconvenience to the human. In machine-to-machine (M2M) communication, on the other hand, excessive latency may be unacceptable for safety-critical and other applications. We describe a range of alternative protocol design patterns that use identity-based encryption to eliminate roundtrips and certificate transmission. These patterns can be used in the design of new secure channel protocols or retrofitted into existing protocols.