Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Networks

How to secure the Internet of Things (Part 1)

Posted: 23 Jan 2015 ?? ?Print Version ?Bookmark and Share

Keywords:Internet of Things? IoT? cyclic redundancy check? CRC? public key cryptography?

Certificate validity is verified by using the same cryptographic signature verification scheme as for digital content. The signature verification of the certificate guarantees the integrity and authenticity of the certificate and, consequently, of the information contained in the certificate: the public key and the identity (figure 1).

As a result, before using a public key, one must first verify the validity of that public key's certificate by using the certification authority's public key. Then make sure that this certification authority's public key certificate is also valid by using the public key of the parent signing authority, and so on. Therefore, a chain of verifications can occur with successive certification authority's public keys until it is ultimately trusted as a root key. The root key, you will recall, is trusted because it was obtained using Method 1.

Figure 2: Verification process of a public key and digital content signature.

Verifying software. When applied to software, this public key-signature technique allows you to trust executable binary code. Now you simply consider the software as digital content. The sender of this digital content is the software approver, the one charged with accepting the software validated for a device. The receiver is the electronic device. The software approver generates a pair of keys and loads the public verification key into the electronic device once during manufacturing. The private key is kept in a safe place, as explained below. The software approver signs the generated code before loading it into the electronic device by using its own private key. Then at power-on, the electronic device can use the preloaded public key to verify the integrity and authenticity of the binary code before running it.

Benefits of ECC vs. RSA cryptography
Public key-based cryptography has been an RSA algorithm for several decades. But in the last few years elliptic-curve cryptography (ECC) has emerged and spread through the security industry. Elliptic curve-based signature verification is the same order of magnitude compared to RSA, but uses far less computational resources. Its key sizes are much smaller, thus reducing the memory footprint. A secure application of RSA now requires at least 2048 bits of security; RSA keys need 256B. Equivalent elliptic-curve keys are only 224 bits long [7] and the keys are only 28B. Elliptic-curve cryptography is, therefore, the preferred choice for securing newer devices.

Caveats about secret keys vs. public keys
As explained above, public-key cryptography is based on pairs of keys. (A key pair is made of a public key and a private key.) The private key is stored secretly because it allows a receiving device to authenticate contentonly the key owner should be able to sign content. Conversely the public key is available to anyone, because anyone can verify a signature. This is not harmful or risky.

Public keys do not need to be protected against disclosure and, therefore, do not require any of the countermeasures designed to prohibit access to the key value. Unlike a secret key, a public key does not need to react to tamper events by deleting/erasing its verification key. No side-channel countermeasures are required. The only required protection mechanisms must target keys substitution/modification and modified software behaviour.

All this makes the device design simpler. The algorithms involved are not subject to export regulations because they do not include encryption, but merely a digital content digest (i.e., a hash algorithm and signature verification). Note, finally, that the digital signature verification algorithm (figure 1) must still be robust enough to protect against intentional or accidental disturbances: power glitches, badly formatted digital content and digital signatures.

Limitations of a secret key. Secret key cryptography looks simpler than the public-key system discussed above because there is one unique key for signing, verifying signatures, and no need for certificates.

In fact secret key-based cryptographic algorithms such as Advanced Encryption Standard (AES), which is based on the cryptographic algorithm, FIPS 197: Advanced Encryption Standard.NIST, are not suitable for protecting software integrity in the field because the same secret key has to be used for signing and verifying signatures. The secret key must, therefore, also be stored inside the deployed electronic devices. However, protecting secret keys stored in electronic devices against disclosure is not an easy task. Disclosure of the secret key can happen at design, during manufacturing, and in the field. At design, insiders could leak the key to an outsider. At manufacturing, third parties could dump the secret keys from the device memory and leak them out. In the field, attackers can reverse engineer the key (e.g., memory dump, fault attacks, power analysis).

Protecting a secret key. You can mitigate the disclosure of secret keys by secret key diversification, i.e., by using a different key for each deployed device. This makes sense, but the manufacturing becomes much more complex and requires trusted, secure manufacturing plants and huge databases of keys. Beyond manufacturing, you can also install anti-theft defences in a device itself. A secure electronic device must detect tamper events and then destroy its secret keys. There must also be countermeasures to resist power disruptions or faults directed against the encryption algorithm. Encryption algorithms are, moreover, subject to export regulations, so these devices can have regulatory issues involving international markets.

?First Page?Previous Page 1???2???3???4???5?Next Page?Last Page

Article Comments - How to secure the Internet of Things...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top