Tag Archives: IoT Security

Dojo wants to monitor and secure your IoT devices


This IoT security device will notify you of any danger through a wireless, color-coded orb.


With billions of connected things already in existence today, and a few billion more expected in the next two years, the need for security has never been greater. Cognizant of this, one Bay Area startup has come up with an innovative solution that monitors the behavior of smart devices on your network to protect and ensure the privacy of your home. Introducing Dojo.

The brainchild of Dojo-Labs, this IoT security system is comprised of a few parts: a white dock that plugs into your Internet gateway, a pebble-like unit which receives alerts over Bluetooth and an accompanying smartphone app that puts control right in the palm of your hand. Whenever activity occurs on the network worth your attention, the light rings on the stone will start to glow in one of three colors — red, yellow and green.

Once connected to your home network, Dojo will add each respective device and begin tracking their activity, informing you of any odd or peculiar behavior. A red light suggests action must be taken, orange signifies that a problem is being fixed, and green denotes that everything is fine.

“Dojo knows when the TV is still recording your voice even if it’s off and when that data is being uploaded to the cloud,” explains Yossi Atias, co-founder and CEO of Dojo-Labs. “We all lock our front doors and yet our devices are wide open. Our homes contain our most intimate data but the security of these things is an afterthought. We created Dojo as the first technology to help us safeguard our homes.”

Dojo doesn’t examine the incoming and outgoing content on the network, but instead analyzes metadata about who the gadgets are talking to and how. The system prevents attacks and detects intrusions through machine learning and behavior tracking. It learns what’s normal for each device and then checks to see whether it’s doing anything differently. Without even having to look at the data or knowing what those threats are, Dojo can block them. It grows increasingly intelligent as new attacks and equipment are introduced.

What’s more, Dojo can sense when something is up and will immediately notify the user by displaying a simple message in the mobile app, while also changing the color emanating from the pebble. You will be prompted to either allow or block the activity, as well as communicate back to the system through that same text-messaging interface.

The Dojo approach to security and its role in the home is incredibly unique and was designed by Gadi Amit and the team at NewDealDesign. With a growing number of appliances coming online, perhaps this could be the solution to put everyone’s mind at ease.

Intrigued? Head over to Dojo’s official page here.

Develop secure IoT apps with the Atmel Certified-ID platform


The Atmel Certified-ID security platform prevents unauthorized reconfiguration of an edge node to access protected resources on the network.


Atmel has announced a comprehensive security platform that enables businesses of all sizes to assign certified and trusted identities to devices joining the secure Internet of Things. The Atmel Certified-ID security platform prevents unauthorized reconfiguration of an edge node to access protected resources on the network. This new platform is available on the Atmel SmartConnect Wi-Fi, Bluetooth, Bluetooth Smart and ZigBee solutions that connect directly to Atmel Cloud Partners, providing a secure turnkey solution for IoT edge node-to-cloud connection.

The Atmel Certified-ID platform delivers a distributed key provisioning solution, leveraging internal key generation capabilities of the ATECC508A CryptoAuthentication device, without invoking large scale infrastructure and logistics costs. This platform even allows developers to create certified and trusted identities for any device before it joins an IoT network.

With billions of devices anticipated by 2020 in the rapidly growing IoT market, security is a critical element to ensuring devices can safely and conveniently access protected assets through the Internet. Today, secure identities are commonly created through a centralized approach where IoT device keys and certificates are generated offline and managed in secure databases in Hardware Security Modules (HSM) to protect the keys. These keys are then programmed into the IoT devices by connecting the HSM to automation equipment during device manufacturing. This approach is indispensable in large deployments consisting of millions of devices. It can also entail significant upfront costs in infrastructure and logistics which must be amortized over a large number of devices for cost effectiveness.

By utilizing the unique internal key generation capabilities of ATECC508A device, the recently-unveiled platform enables decentralized secure key generation, making way for distributed IoT device provisioning regardless of scale. This method eliminates the upfront costs of the provisioning infrastructure which can pose a significant barrier in deploying devices in smaller scales. On top of that, developers will be able to create secure IoT devices compatible with partner cloud services and to securely join ecosystems.

Atmel is currently working with several cloud service companies, including Proximetry and Exosite, on the Certified-ID platform. These collaborations will give developers a wide range of ecosystem partners to choose from for a secure connection between the edge nodes and the IoT. Other partners will be announced as they are integrated in the Certified-ID platform.

“As a leader in the security space with a track record of over two decades, enabling secure networks of all sizes is our mission,” said Nuri Dagdeviren, Atmel Vice President and General Manager of Secure Products Group. “Streamlining secure processes and simplifying deployment of real world secure networks will be key to unlocking the potential and enabling rapid growth of IoT. We will continue delivering industry-leading solutions in security, a critical element in enabling billions of ‘things’ to be connected to the cloud.”

Atmel now offers security provisioning tool kits to enable independent provisioning for pilot programs or production runs when used in conjunction with the ATECC508A ICs. These devices are pre-provisioned with internally generated unique keys, associated certificates, and certification-ready authentication once they are connected to an IoT ecosystem.

Developers will need two kits to securely provision their gadgets: the AT88CKECCROOT tool kit, a ‘master template’ that creates and manages certificate root of trust in any ecosystem, and the AT88CKECCSIGNER tool kit, a production kit that enables partners to provision IoT devices.

The AT88CKECCSIGNER kit lets designers and manufacturers generate tamper-resistant keys and security certifications requiring hardware security in their IoT applications. These keys provide the level of trust demanded by network operators and allow system design houses to provision prototypes in-house—saving designers overall investment costs.

The tool kits also include an easy-to-use graphical user interface that allows everyone to seamlessly provision their IoT devices with secure keys and certificates without special expertise. With distributed provisioning, developers are not required to use expensive HSMs for key management or to pay certificate acquisition fees.

In addition to secure IoT provisioning, the new Certified-ID platform provides high-quality random number generation to guarantee a diverse set of public and private keys. It delivers solutions to a variety of IoT security needs including node anti-cloning protection, data confidentiality, secure boot, and secure firmware upgrades over-the-air. The tamper resistance built into the ATECC508A device continues to provide the desired protection even when the device is under physical attack.
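A software model of the trust hierarchy the two kits suggest (root, then signer, then device), as an added example that is not Atmel's tooling or code from the original post. The three-tier layout, the function names (`issue`, `verifyDevice`, `holdsKey`) and the certificate subjects are assumptions; on real hardware the private keys would be generated and kept inside the ATECC508A instead of in process memory.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must keeps the demo short: any setup error aborts the run.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue returns a certificate for pub signed by parentKey; a nil parent yields a self-signed root.
func issue(cn string, serial int64, isCA bool, pub *ecdsa.PublicKey,
	parent *x509.Certificate, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign
	}
	if parent == nil {
		parent = tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey))
	return must(x509.ParseCertificate(der))
}

// verifyDevice is the cloud-side check: only the root is trusted; intermediates come from the device.
func verifyDevice(root, dev *x509.Certificate, presented ...*x509.Certificate) error {
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range presented {
		inter.AddCert(c)
	}
	_, err := dev.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inter,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}

// sign answers a challenge with the given private key.
func sign(key *ecdsa.PrivateKey, challenge []byte) []byte {
	d := sha256.Sum256(challenge)
	return must(ecdsa.SignASN1(rand.Reader, key, d[:]))
}

// holdsKey checks a challenge signature against the public key in the certificate.
func holdsKey(cert *x509.Certificate, challenge, sig []byte) bool {
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	d := sha256.Sum256(challenge)
	return ok && ecdsa.VerifyASN1(pub, d[:], sig)
}

// Demo returns: genuine device accepted, cloned certificate rejected, rogue-signed device rejected.
func Demo() (genuineOK, cloneRejected, rogueRejected bool) {
	newKey := func() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
	rootKey, signerKey, deviceKey := newKey(), newKey(), newKey()
	root := issue("Example Root", 1, true, &rootKey.PublicKey, nil, rootKey)
	signer := issue("Example Signer", 2, true, &signerKey.PublicKey, root, rootKey)
	device := issue("device-0001", 3, false, &deviceKey.PublicKey, signer, signerKey)

	challenge := make([]byte, 32) // fresh random value per connection
	must(rand.Read(challenge))
	genuineOK = verifyDevice(root, device, signer) == nil &&
		holdsKey(device, challenge, sign(deviceKey, challenge))

	// Clone: the certificate is public and can be copied, the private key cannot.
	cloneRejected = !holdsKey(device, challenge, sign(newKey(), challenge))

	// A signer the root never certified issues a device certificate.
	rogueKey, rogueDevKey := newKey(), newKey()
	rogueSigner := issue("Rogue Signer", 9, true, &rogueKey.PublicKey, nil, rogueKey)
	rogueDev := issue("device-0002", 4, false, &rogueDevKey.PublicKey, rogueSigner, rogueKey)
	rogueRejected = verifyDevice(root, rogueDev, rogueSigner) != nil
	return
}

func main() {
	fmt.Println(Demo())
}
```

The verifier needs nothing but the root certificate, so no shared secret database has to follow the devices from the factory to the cloud.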

Ready for the Internet of Trusted Things? Both the Atmel AT88CKECCROOT and AT88CKECCSIGNER are available today.

Enhance Raspberry Pi security with ZymKey


In this blog, Zymbit’s Scott Miller addresses some of the missing parts in the Raspberry Pi security equation. 


Raspberry Pi is an awesome platform that offers people access to a full-fledged portable computing and Linux development environment. The board was originally designed for education, but has since been embedded into countless ‘real world’ applications that require remote access and a higher standard of security. One of the most notable omissions, if not the most notable, is a robust hardware-based security solution.

At this point, a number of people would stop here and say, “Scott, you can do security on RPi in software just fine with OpenSSL/SSH and libgcrypt. And especially with the Model 2, there are tons of CPU cycles left over.” Performance is not the primary concern when we think about security; the highest priority is to address the issue of “hackability,” particularly through remote access.

What do you mean by “hackability?”

Hackability is a term that refers to the ease by which an attacker can:

  • take over a system;
  • insert misleading or false data in a data stream;
  • decrypt and view confidential data.

Perhaps the easiest way to accomplish any or all of the aforementioned goals is for the attacker to locate material relating to security keys. In other words, if an attacker can gain access to your secret keys, they can do all of the above.

Which security features are lacking from Raspberry Pi?

Aside from not having hardware-based security engines to do the heavy lifting, there’s no way to secure shared keys for symmetric cryptography or private keys for asymmetric cryptography.

Because all of your code and data live on a single SD card, you are exposed. Meaning, someone can simply remove the SD card, pop it into a PC and have possession of the keys and other sensitive material. This is particularly true when the device is remote and outside of your physical control. Even if you somehow try to obfuscate the keys, you are still not completely safe. Someone with enough motivation could reverse engineer or work around your scheme.

The best solution for protecting crypto keys is to ensure the secret key material can only be read by standalone crypto engines that run independently from the core application CPU. This basic feature is lacking in the Raspberry Pi.

Securing Raspberry Pi with silicon and software

With this in mind, Zymbit has decided to extract some of the core security features from the Zymbit.Orange and combine them into a tiny device that embeds onto the Raspberry Pi, providing seamless integration with Zymbit’s remote device management console. Meet the ZymKey!

ZymKey for secure remote device management

ZymKey brings together silicon, firmware drivers and software services into a coherent package that’s compatible with Zymbit’s secure IoT platform. This enables a Raspberry Pi to be accessed and managed remotely, firmware to be upgraded and access rights to be administered.

Secure software services

Zymbit’s Connect libraries enhance the security and utility of Raspberry Pi in the following ways:

  • Add message authentication to egress messages to the Zymbit cloud by attaching a digital signature, which proves that the data originated from a specific Raspberry Pi/Key combination (meaning that it was not forged or substituted along the way).
  • Assist in providing security certificates to the Zymbit cloud.
  • Authenticate security certificates from the Zymbit cloud.
  • Optionally help to encrypt/decrypt the content of messages to/from the Zymbit cloud.

Data that is encrypted/authenticated through ZymKey will be stored in this encrypted/authenticated form, thereby preserving the privacy and integrity of the data.

In addition to its standard attributes, developers can access lower level features through secure software services, including general cryptography (SHA-256 MAC and HMAC with secure keys, public key encryption/decryption), password validation, and ‘fingerprint’ services that bind together specific hardware configurations.

Stealth hardware

ZymKey’s low-profile hardware plugs directly into the Pi’s expansion header while still allowing Pi-Plates to be added on top. Lightweight firmware drivers run on the RPi core and interface with software services through zymbit.connect. It should also be noted that a USB device is in the works for other Linux boards.

At the heart of the ZymKey is the newly released ATECC508A CryptoAuthentication IC. Among some of its notable specs are:

  • ECC asymmetric encryption engine
  • SHA digest engine
  • Random number generator
  • Unique 72-bit ID
  • Tamper prevention
  • Secure memory for storing:
    • Sensitive key material – an important thing to point out is that private keys are unreadable by the outside world and, as stated above, are only readable by the crypto engine.
    • X.509 security certificates.
    • Temporary items: nonces, random numbers, ephemeral keys
  • Optional encryption of transmitted data across the I2C bus for times when sensitive material must be exchanged between the Raspberry Pi and the ATECC508A

Life without ZymKey

Raspberry Pi can be used with the Zymbit Connect service without the ZymKey; however, the addition of ZymKey ensures that communications with Zymbit services are secured to a higher standard. Private keys are unreadable by the outside world and usable only by the ATECC508A, thus making it difficult (if not practically impossible) to compromise.

Each ZymKey has a unique set of keys. So, on the off chance that a key is compromised, only that key is affected. Simply stated, if you have several Raspberry Pi/ZymKey pairs deployed and one is compromised, the others will still be secure.

Once again, it is certainly possible to achieve the above goals purely through software (OpenSSL/libgcrypt/libcrypto). However, especially regarding encryption paths, without ZymKey’s secure storage, key material must be stored on the Raspberry Pi’s SD card, exposing private keys for anyone to exploit.

Stay tuned! The ZymKey will be making its debut on Kickstarter in the coming days.

Atmel implements Intel EPID technology on all SmartConnect wireless solutions


Atmel is collaborating with Intel on EPID technology to enable more secure IoT applications.


Atmel is working with Intel to bring more secure Internet of Things applications to market. In this collaboration, Atmel will support Intel Enhanced Privacy ID (Intel EPID) technology on all Atmel SmartConnect wireless solutions to improve secure cloud provisioning — the mutual authentication of the IoT node with the cloud — in the rapidly growing IoT market where devices are becoming increasingly more connected.

With tens of billions of devices anticipated by 2020, security is surely one of the most critical components to enabling a seamless connection between the edge node and the cloud. To accomplish this, Atmel offers a complete portfolio of IoT solutions that combine both Atmel | SMART MCUs along with SmartConnect wireless technologies ranging from Wi-Fi, 802.15.4 and Bluetooth, and other secure products. This newly-announced effort will give developers implementing these wireless solutions the option to use the trusted Intel EPID identification standard in their next gizmo or gadget.

“Implementing Intel EPID offers IoT designers a truly seamless edge-to-cloud Internet of Things platform with proven security options available with our broad Internet of Things portfolio,” said Kaivan Karimi, Atmel’s Vice President and General Manager of Wireless Solutions. “With this new technology, Atmel’s SmartConnect wireless and IoT solutions now support Intel EPID, a security technology that has been proven over the last 5 years.”

For those who may not know, Intel EPID is an ISO standard for identity and privacy that has been shipping in Intel platforms since 2011. The technology delivers a hardware root of trust and is PKI compatible. With Intel EPID, devices can be identified and a secure communication can be linked between these devices. Additionally, the group membership can be determined without revealing the identity of the specific platform allowing for another level of security. Intel EPID can dynamically assign and revoke group memberships by individuals. Even more, this technology meets the latest protected key delivery requirements for content and data protection protocols.

“With the rapidly growing IoT ecosystem, security is key, and Intel EPID is a proven secure technology that can provide the billions of devices in this new market with a common security foundation. By implementing Intel EPID technology, Atmel is enabling a more secure, seamless IoT platform,” explained Lori Wigle, Intel’s General Manager of IoT Security.

You can hack what?!


From skateboards and trucks to medical devices and rifles, these recent hacks show that every “thing” is at risk.


Musicians have the GRAMMYs. Actors have the Emmys. Athletes have the ESPYS. Hackers, well they have Black Hat. Every year, more than 10,000 security pros converge in Las Vegas to explore the latest network flaws, device vulnerabilities and cyber attacks of the past, present and future. While these demonstrations typically focused on how to take control of computers, given the rise of the Internet of Things, it seems like just about any “thing” can be susceptible to malicious intruders. As we gear up for what will surely be an insane amount of coverage across all media channels, here are a few hacks that’ll surely grab your attention.

OnStar vehicles

Serial hacker Samy Kamkar has devised a tablet-sized box that could easily tap into and wirelessly take control of a GM car’s futuristic features. With connected car security a hot topic at this year’s conferences, the Los Angeles-based entrepreneur has created a device — dubbed OwnStar — that can locate, unlock and remotely start any vehicle with OnStar RemoteLink after intercepting communication between the RemoteLink mobile app and OnStar servers.

The system is driven by a Raspberry Pi and uses an ATmega328 to interface with an Adafruit FONA for cellular connection. After opening the OnStar RemoteLink app on a smartphone within Wi-Fi range of the hacking gadget, OwnStar works by intercepting the communication. Essentially, it impersonates the wireless network to fool the smartphone into silently connecting. It then sends specially crafted packets to the mobile device to acquire additional credentials and notifies the attacker over 2G about the new vehicle it indefinitely has access to, namely its location, make and model.

With the user’s login credentials, an attacker could do just about anything he or she wants, including tracking a car, unlocking its doors and stealing stuff inside (when carjacking meets car hacking), or starting the ignition from afar. Making matters worse, Kamkar says a remote control like this can give a malicious criminal the ability to drain the car’s gas, fill a garage with carbon monoxide or use its horn to drum up some mayhem on the street. The hacker can also access the user’s name, email, home address, and last four digits of a credit card and expiration date, all of which are accessible through an OnStar account.

Tesla Model S

Researchers said they took control of a Tesla Model S car and turned it off at low speed, one of six significant flaws they found that could provide hackers total access to vehicles, the Financial Times reported.

Kevin Mahaffey, CTO of Lookout, and Marc Rogers, principal security researcher at Cloudflare, claimed they decided to hack a Tesla car because the company has a reputation for understanding software better than most automakers. The hackers had to physically gain entry into the vehicle, which made it more difficult than many other attacks. Once they were connected through an Ethernet cable, they were later able to access the systems remotely. These included the screens, speedometer, windows, electronic locks, and the ignition.

“We shut the car down when it was driving initially at a low speed of five miles per hour. All the screens go black, the music turns off and the handbrake comes on, lurching it to a stop,” Rogers describes.

Tesla has since issued a patch to fix the flaws.

Electric skateboards

After his own electric skateboard abruptly stopped working last year, unable to receive commands from its remote control, Richo Healey decided to delve a bit deeper into the incident. What he discovered was that the volume of Bluetooth traffic surrounding the intersection interfered with his RC’s connection to the board.

Cognizant of this defect, Healey teamed up with fellow researcher Mike Ryan to examine the hackability of his and other e-skateboards on the market today. The result was an exploit they developed called FacePlant that can give them complete control of someone’s gadget.

The duo describes FacePlant as “basically a synthetic version of the same RF noise” that Healey experienced at the intersection in his hometown of Melbourne. The exploit ultimately allows them to gain total control of someone cruising down the street or sidewalk, which means they could easily cold stop a board or send it flying in reverse, tossing the rider.

They found at least one critical vulnerability in each board they examined, all of which hinge on the fact that the manufacturers of the boards failed to encrypt the communication between the remotes and the boards. The attack for controlling them is essentially identical across the board (no pun intended), but the mechanism for conducting it differs somewhat for each one. As a result, they’ve only completed an exploit for the Boosted board at this time.

Square readers

Three former Boston University students have highlighted a vulnerability in the hardware of Square readers that would enable hackers to convert it into a credit card skimmer in less than 10 minutes. The rigged PoS device could then be used to steal personal information with a custom-recording app.

Computer engineering grads Alexandrea Mellen, John Moore and Artem Losev unearthed the flaw last year in a project for their cybersecurity class. They also found that Square Register software could be hacked to enable unauthorized transactions at a later date.

“The merchant could swipe the card an extra time at the point of sale. You think nothing of it, and a week later when you’re not around, I charge you $20, $30, $100, $200… You might not notice that charge. I get away with some extra money of yours,” Moore explains.

The group says there is no evidence that either of the vulnerabilities have been employed to scam credit card holders, but does warn that their findings raise red flags for the fast-emerging mobile commerce industry.

Medical devices

The U.S. Food and Drug Administration and Department of Homeland Security have both issued advisories warning hospitals not to use the Hospira infusion system Symbiq due to cybersecurity risks. While no known attack has occurred, hackers could theoretically tamper with the intravenous infusion pump by accessing a hospital’s network.

“This could allow an unauthorized user to control the device and change the dosage the pump delivers, which could lead to over- or under-infusion of critical patient therapies,” the FDA said in a statement.

Hospira has since discontinued the manufacture and distribution of the Symbiq Infusion System, because of unrelated issues, and is working with customers to transition to alternative systems. However, amid the latest string of security woes, the FDA strongly encourages healthcare facilities to begin transitioning to other infusion systems as soon as possible.

This isn’t the first time vulnerabilities in medical devices have been in the spotlight. Back in 2014, Scott Erven and his team found that drug infusion pumps could be remotely manipulated to change the dosage doled out to patients. On top of that, a WIRED article noted that “Bluetooth-enabled defibrillators could be hacked to deliver random shocks to a patient’s heart or prevent a medically needed shock from occurring, X-rays that can be accessed by outsiders lurking on a hospital’s network; temperature settings on refrigerators storing blood and drugs that can be reset, causing spoilage; and digital medical records that can be altered to cause physicians to misdiagnose, prescribe the wrong drugs or administer unwarranted care.”

Semi trucks

Asset-tracking systems made by Globalstar and its subsidiaries were discovered to have flaws that would enable a hijacker to track valuable and sensitive cargo and then disable the location-tracking device used to monitor it. From here, criminals could potentially fake the coordinates to make it appear as if the shipment was still traveling its intended route. Or, as WIRED points out, a hacker who simply wanted to cause chaos could add false coordinates to companies and militaries monitoring their assets and shipments to make it appear as if they’d been taken over.

These findings were brought to light by Colby Moore, a researcher with the security firm Synack. The same vulnerable technology isn’t only employed for tracking cargo, it’s used in people-tracking systems for search-and-rescue missions and in SCADA environments as well.

As Moore tells the magazine, the Simplex data network that Globalstar uses for its satellites doesn’t encrypt communication between the tracking devices, orbiting satellites and ground stations, nor does it require the communication be authenticated so that only legitimate data gets sent. Subsequently, a hacker could intercept the communication, spoof it or jam it.

“Each device has a unique ID that’s printed on its outer casing. The devices also transmit their unique ID when communicating with satellites, so an attacker targeting a specific shipment could intercept and spoof the communication. Often the unique IDs on devices are sequential, so if a commercial or military customer owns numerous devices for tracking assets, an attacker would be able to determine other device IDs, and assets, that belong to the same company or military based on similar ID numbers.”

Rifles

Security researchers Runa Sandvik and Michael Auger have hacked a pair of $13,000 TrackingPoint self-aiming rifles. The duo has developed a set of techniques that could let an attacker compromise the gun via its Wi-Fi connection and exploit vulnerabilities in its software. According to WIRED, the tactics can change variables in the scope’s calculations that make the rifle inexplicably miss its target, permanently disable the scope’s computer, or even prevent the gun from firing.

“The first of these has to do with the Wi-Fi, which is off by default, but can be enabled so you can do things like stream a video of your shot to a laptop or iPad. When the Wi-Fi is on, the gun’s network has a default password that allows anyone within Wi-Fi range to connect to it. From there, a hacker can treat the gun as a server and access APIs to alter key variables in its targeting application.”

Additionally, the researchers shared that a hacker could alter the rifle in a way that would persist long after that Wi-Fi connection is broken. It’s even possible, they tell WIRED, to implant the gun with malware that would only take effect at a certain time or location based on querying a user’s connected phone.

Hijacking data as sound waves

Reuters has reported that a team of researchers led by Ang Cui have demonstrated the ability to hijack standard equipment inside computers, printers and millions of other electronic devices to send information through sound waves.

The project, called Funtenna, refers to a software payload that intentionally causes its host hardware to act as an improvised RF transmitter using existing hardware, which is typically not designed for electromagnetic emanation.

The program works by taking control of the physical prongs on general-purpose input/output circuits and vibrates them at a frequency of the researchers’ choosing, which can be audible or not. The vibrations can be picked up with an AM radio antenna a short distance away.

The new transmitting antenna adds another potential channel that would be hard to detect because no traffic logs would catch data leaving the premises. Cui tells Reuters that hackers would need an antenna close to the targeted building to pick up the sound waves, as well as find some way to get inside a targeted machine and convert the desired data to the format for transmission.

Smart homes

Tobias Zillner and Sebastian Strobl of Cognosec uncovered flaws in the Zigbee standard, which is widely used by countless IoT appliances. Specifically, the researchers shed light on the fact that the protocol’s reliance on an insecure key link with smart gadgets opens the door for hackers to spoof them and potentially gain control of your connected home. According to Cognosec, the items that have been tested and proven to be susceptible include light bulbs, motion sensors, temperature sensors and door locks.

“If a manufacturer wants a device to be compatible to other certified devices from other manufacturers, it has to implement the standard interfaces and practices of this profile. However, the use of a default link key introduces a high risk to the secrecy of the network key,” the team states in its recent paper. “Since the security of ZigBee is highly reliant on the secrecy of the key material and therefore on the secure initialisation and transport of the encryption keys, this default fallback mechanism has to be considered as a critical risk. If an attacker is able to sniff a device and join using the default link key, the active network key is compromised and the confidentiality of the whole network communication can be considered as compromised.”

[Images: Samy Kamkar, Tesla, Colby Moore, Square, WIRED, Ang Cui]

Why the IoT needs multi-layer security


When it comes to the Internet of Things, you’re only as strong as your weakest link.


The notion of security being only as strong as its weakest link is especially true for the Internet of Things. When it comes to connected devices, security must be strong at all layers, closing any possible open doors and windows that an attacker can crawl through. Otherwise, if they can’t get in on the first floor, they will try another.

Internet security has been built mainly upon Transport Layer Security, or TLS. TLS provides confidentiality, data integrity and authentication of the communication channel between an Internet user and a secure website. Once a secure communications channel is set up using a TLS method, for example, the other half of the true security equation is needed, namely applications layer security.

To understand this notion, think of logging into your bank account on the web. First, you go to the bank’s website, which will set up a secure channel using TLS. You know TLS is successful when you see the lock symbol and https (“S” for secure) in the browser. Then, you will be brought to a log-in page and prompted to enter your credentials, which is how the bank authenticates your identity, ensuring that you’re not some hacker trying to gain access into an unauthorized account. In this scenario, your password is literally a secret key and the bank has a stored copy of the password which it compares to what you entered. (You may recognize that this is literally symmetric authentication with a secret key, though the key length is very small.) Upon logging in, you are, in fact, operating at the application. This application, of course, being electronic banking.

So, as autonomous IoT nodes spread around the world like smart dust, how do those nodes ensure security? This can essentially be achieved using the same two steps:

  • Set up Transport Layer Security to secure the communications channel using TLS or another methodology to get confidentiality, data integrity and authentication in the channel. This channel can be either wired or wireless.
  • Set up Applications Layer Security to safeguard the information that will be sent through the communications channel by using cryptographic procedures. Among proven cryptographic procedures to do so are ECDSA for authentication, ECDH key agreement to create session keys, and encryption/decryption engines (such as AES that use the session keys) for encrypting and decrypting messages. These methods make sure that the data source in the node (e.g. a sensor) is authentic, the data is confidential and has not been tampered with in any degree (integrity).

The reason that multi-layer security, particularly application layer security, is required is that attackers can get into systems at the edge nodes despite a secure channel. Long story short, TLS is not enough.

IoT nodes collect data, typically through some kind of sensor, or act on data via an actuator. A microcontroller controls the operation of the node, and a chosen technology such as Wi-Fi, Bluetooth or Zigbee provides the communications channel. The reason that application layer security needs to be added to TLS is that, if an attacker can hack into the communications channel via any of a range of attacks (Heartbleed, BEAST, CRIME, TIME, BREACH, Lucky 13, RC4 biases, etc.), they can then intercept, read, replace and/or corrupt the sensor/actuator or other node information.

Unfortunately, in the real world TLS gets breached, which makes it insufficient on its own. As a result, true security requires both Transport Layer and Applications Layer Security. Think of it as a secure pipeline with secure data flowing inside. Crypto elements, which are an excellent way to establish the Applications Layer Security for the IoT, get in between the sensor and the MCU to ensure that the data from the sensor has all three pillars of security applied to it: confidentiality, integrity, and authentication (also referred to as “CIA”). CIA at both the transport and application layers is what will make an IoT node entirely secure.
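The application-layer step described above, as a runnable Node.js sketch that is added here and is not code from the article or from Atmel: a sensor node authenticates an ECDH key agreement with ECDSA and seals its reading with AES-256-GCM under the session key, so the hub rejects data that was altered or replayed inside a breached channel. The function names, the message layout, the HKDF step and the one-way (node-to-hub) authentication are assumptions of this example.

```javascript
const crypto = require("node:crypto");

// Long-term ECDSA identity of the node; on real hardware the private key would sit in a crypto element.
const nodeIdentity = crypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" });

// ECDH shared secret -> 256-bit AES session key via HKDF-SHA256 (KDF choice is an assumption).
function sessionKey(ecdh, peerPublic) {
  const shared = ecdh.computeSecret(peerPublic);
  return Buffer.from(crypto.hkdfSync("sha256", shared, Buffer.alloc(0), "sensor-session", 32));
}

// Node: fresh ECDH key per message, signed together with the hub's fresh key
// (binds the message to this session); reading sealed with AES-256-GCM.
function nodeSend(reading, hubPublic) {
  const ecdh = crypto.createECDH("prime256v1");
  const ephPub = ecdh.generateKeys();
  const sig = crypto.sign("sha256", Buffer.concat([ephPub, hubPublic]), nodeIdentity.privateKey);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", sessionKey(ecdh, hubPublic), iv);
  const ct = Buffer.concat([cipher.update(reading, "utf8"), cipher.final()]);
  return { ephPub, sig, iv, ct, tag: cipher.getAuthTag() };
}

// Hub: verify the signed key agreement, then decrypt; null means the message was rejected.
function hubReceive(msg, hubEcdh, nodePublicKey) {
  try {
    const signed = Buffer.concat([msg.ephPub, hubEcdh.getPublicKey()]);
    if (!crypto.verify("sha256", signed, nodePublicKey, msg.sig)) return null;
    const d = crypto.createDecipheriv("aes-256-gcm", sessionKey(hubEcdh, msg.ephPub), msg.iv);
    d.setAuthTag(msg.tag);
    return Buffer.concat([d.update(msg.ct), d.final()]).toString("utf8");
  } catch { return null; }
}

// Constructed scenario: the transport is assumed breached, so data can change or be replayed in transit.
function demo() {
  const hub = crypto.createECDH("prime256v1");
  const msg = nodeSend("temp=21.5C", hub.generateKeys());
  const flipped = Buffer.from(msg.ct);
  flipped[0] ^= 1; // a single bit changed inside the channel
  const laterHub = crypto.createECDH("prime256v1");
  laterHub.generateKeys(); // a later session uses a different hub key
  return {
    intact: hubReceive(msg, hub, nodeIdentity.publicKey),
    altered: hubReceive({ ...msg, ct: flipped }, hub, nodeIdentity.publicKey),
    replayed: hubReceive(msg, laterHub, nodeIdentity.publicKey),
  };
}
console.log(demo());
```

Only the intact message yields a reading; the altered and replayed ones come back as `null` regardless of what the transport layer did.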

Fortunately, Atmel has an industry-leading portfolio of crypto, connectivity and controller devices that are architected to easily come together to form the foundation of a secure Internet of Things. The company’s wireless devices support a wide spectrum of standards including Wi-Fi, Bluetooth, Bluetooth Low Energy and Personal Area Networks (802.15.4), and feature hardware-accelerated Transport Layer Security (TLS) and the strongest link security software available (WPA2 Enterprise).

Crypto elements, including CryptoAuthentication and Trusted Platform Modules (TPM) with protected hardware-based key storage, make it easy to provide extremely robust security for IoT edge nodes, hubs, and other “things” without having to be a crypto expert. Built-in crypto engines perform ECDSA for asymmetric authentication and ECDH key agreement to provide session keys to MCUs, including ARM and AVR products that run encryption algorithms.

The “three-legged stool” of cryptography


Implementing true IoT security requires a three-pronged approach, like a three-legged stool.


Implementing true security in Internet of Things (IoT) devices requires a three-pronged approach. Like a three-legged stool, each of these legs is required to properly achieve security, with at least two of these so-called legs demanding a hardware-based approach.

These legs consist of:

  • A strong cryptographic cipher for the job
  • High entropy, cryptographically secure, random number generator (Crypto RNG)
  • Persistent secure key storage with active tamper detection

Now, let’s go over these one by one.

A Strong Cryptographic Cipher for the Job

A cipher is a cryptographic algorithm for performing encryption and decryption, which needs to be strong enough for the application at hand. A one-time pad is considered the only unbreakable cipher, so theoretically all other ciphers can be eventually broken. Time and cost are the two usual measures of breaking any cipher.

Time

The cover time of a secret refers to the amount of time that the message needs to be kept secret. A tactical secret, such as a command to fire a particular missile at a particular target, has a cover time from the moment the commander sends the message to the moment the missile strikes the target. After that, there isn’t much value in the secret. If an algorithm is known to be breakable within a few hours, even that algorithm provides enough cover time for the missile firing scenario.

On the other hand, if the communication is the long term strategy of the entire war, this has a cover time significantly longer and a much stronger cipher would be required.

Cost

Generally, the time it takes to break any cipher directly relates to the computation power of the system and the mathematical skills of your adversary. This usually directly coincides with the cost, so the value of your secret will, in a large part, determine how much effort is put into breaking your cryptography.

Therefore, you want to select a cipher which is well known to be strong, has been open to both academia and the public, and survived their scrutiny. Vigorously avoid proprietary algorithms claiming to be strong. The only thing which can speak to a cipher’s strength is for it to be fully open to scrutiny.

These types of proven ciphers are available within Atmel’s line of microcontrollers and microprocessors.

High Entropy, Cryptographically Secure, Random Number Generator

The importance of a Crypto RNG cannot be overstated. Some of the things which rely on the randomness of the random number include:

  • Key stream in one-time pads
  • Primes p, q in the RSA algorithm
  • Private key in digital signature algorithms
  • Initialization vectors for cipher modes

… The list of critically important requirements for high randomness is long.

Any modern cipher, regardless of intrinsic strength, is only as strong as the random number generator used. Lack of adequate entropy in the random number significantly reduces the computational energy needed for attacks. Cryptographically secure random number generators are important in every phase of public key cryptography.

To realize a cryptographically secure random number generator, a high quality deterministic random number generator and a high entropy source, or sources, are employed. The resulting generator needs to produce numbers statistically independent of each other. The output needs to survive the next-bit test: knowing all prior numbers generated, it must not be possible to predict the next bit of any generated sequence with a probability of success significantly greater than 0.5. This is no trivial task for randomly generating numbers as large as 2^256.

It is incredibly hard to create a Crypto RNG. Even if you had the code right, there are not enough entropy sources in an embedded system to devise a cryptographically secure random number generator. Most embedded systems, especially IoT nodes, are, well, pretty boring. At least when considered in the context of entropy. 2^256 is a larger number than the number of all the stars in the entire universe. How much entropy do you really think exists in your battery powered sensor?
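Why a good deterministic generator still fails the next-bit test when its seed is starved of entropy, as an added Node.js example that is not from the article or from Atmel. The SHA-256 counter generator, the 16-bit tick-counter seed and every function name are assumptions constructed for the illustration.

```javascript
const crypto = require("node:crypto");

// Toy deterministic generator, constructed for this example (not a NIST DRBG):
// output block i = SHA-256(seed || i). Its output looks statistically random.
function outputBlock(seed, i) {
  const counter = Buffer.alloc(4);
  counter.writeUInt32BE(i);
  return crypto.createHash("sha256").update(seed).update(counter).digest();
}

// Hypothetical weak seeding: all the node can offer is a 16-bit tick counter.
function seedFromTicks(ticks) {
  const seed = Buffer.alloc(2);
  seed.writeUInt16BE(ticks);
  return seed;
}

// Next-bit test from an observer's side: the algorithm is public and block 0
// has been seen. Walking the whole 16-bit seed space is cheap; a match yields
// block 1 before the generator emits it.
function predictBlock1(observedBlock0) {
  for (let ticks = 0; ticks < 2 ** 16; ticks++) {
    const seed = seedFromTicks(ticks);
    if (outputBlock(seed, 0).equals(observedBlock0)) return outputBlock(seed, 1);
  }
  return null; // the seed did not come from the 16-bit space
}

function demo() {
  const weakSeed = seedFromTicks(crypto.randomInt(2 ** 16));
  const strongSeed = crypto.randomBytes(32); // 256 bits from the OS CSPRNG
  const weakGuess = predictBlock1(outputBlock(weakSeed, 0));
  const strongGuess = predictBlock1(outputBlock(strongSeed, 0));
  return {
    weakPredicted: weakGuess !== null && weakGuess.equals(outputBlock(weakSeed, 1)),
    strongPredicted: strongGuess !== null,
  };
}

console.log(demo());
```

Both generators emit 256-bit blocks, but the first has only 65,536 possible output streams, so its next block is fully predictable; the strength of the output is bounded by the entropy of the seed, not by its length.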

Companies serious about security put a lot of effort into their Crypto RNGs and have their generators validated by the National Institute of Standards and Technology (NIST), the government body overseeing cryptographic standards in the U.S. and jointly with Canada.

Any assurance or statements that a RNG is “compliant” or “meets standards” and is not validated by NIST is unacceptable within the cryptographic community. A Random Number Generator is either on NIST’s RNG Validation List or it isn’t. It’s as simple as that.

Atmel is just such a serious company. The Crypto RNG that Atmel has used in all of its CryptoAuthentication devices is validated by NIST and can be publicly found on the list here.

Persistent Secure Key Storage with Active Tamper Detection

Strong ciphers supported with high entropy random numbers are used to keep adversaries away from our secrets, but their value is zero if an adversary can easily obtain the keys used to authenticate and encrypt.

System security completely relies on the security of the keys. Protection and safeguarding of these keys and primary keying material is critically important to any cryptographic system. Your secret/private keys are, by far, the most rewarding prize to any adversary.

If your keys are compromised, an adversary will have access to every secret message you’ve ever sent, like a flower offering its nectar to a honeybee. To add insult to injury, nobody will inform you the keys have been compromised. You will go on sending “secret” messages, blissfully unaware your adversaries can read them at their leisure… completely unhindered.

A very well respected manager in our crypto business unit puts it this way: keys need to be protected behind “guns, guards, and dogs.”

Holding cryptographic keys in software or firmware is akin to placing your house key under the front mat, or above the door, or in that one flowerpot nobody will ever think of looking in.

Adversaries will unleash a myriad of attacks on your system in an effort to obtain your keys. If they can get their hands on your equipment, as is often the case with IoT devices, they will rip them apart. They will employ environmental attacks. They will decapsulate and probe the die of your microcontrollers. There is no limit to what they can and will do.

Atmel’s line of CryptoAuthentication devices offers a long list of active defenses to these attacks as well as providing an external tamper detect capability you can use to secure your devices from physical intrusion and warranty violation.

Summary

As this brief on the three elements that enable truly secure systems has stated, the security of the keys and the quality of the random numbers used will complete or compromise any cipher, no matter the mode used.

Inadequate entropy in a random number generator compromises every aspect of cryptography, because it is relied upon from the generation of keys to supplying initialization vectors for cipher modes. Atmel’s hardware crypto-authentication devices ensure you have a NIST validated cryptographically secure random number generator.

Keys, signatures, and certificates require a persistent secure vault to protect them. The very elements which ensure the authority, security and integrity of your system cannot be left in the attackable open.

Keys held in software or firmware are easily recovered. Typical microcontrollers and microprocessors do not contain the protections needed to keep out adversaries. Even newer processors with secure zones have very limited key storage and no generation functionality. From software protocol attacks to environmental and hardware probing, the ways and means of an adversary to recover keys from your software/firmware are nearly unlimited. This is akin to hanging your house key in a flimsy silk pouch on your front door knob.

Hardware security offers a number of benefits:

  • Secure storage of digital signatures and certificates
  • Secure storage of key hierarchy
  • Stopping adversaries from hacking your code
  • Secure boot and program image checking
  • Stopping unscrupulous contract manufacturers from over building your product
  • Creating new revenue streams by allowing premium services to be purchased post deployment
  • Limiting the life of products, e.g. the number of squirts an ink cartridge has, thereby thwarting refill/reuse
  • Streamlining deployed product tracking and warranty services

With regards to creating a truly secure system, active hardware protection for keys and cryptographically secure random numbers are not an option — they are a necessity.

Atmel’s CryptoAuthentication devices offer a high security, tamper resistant, physical environment within which to store and use keys for digital signatures, key generation/exchange/management, and perform authentication. Atmel is very serious about security. In addition to testing, validations and approvals by certifying entities, we employ third party labs to apply the very latest attacks and intrusion methodologies to our extremely resilient devices. The methodologies and results of these tests are available to our customers under non-disclosure agreement.