Almost every day, at least on time per week, a new manufacturer is blamed for bad security implementation. Especially the problems in the area of internet of things (IoT) security e.g. CCTV cameras, dishwasher, digital lock systems, lights, cars are enormous and therefore the possibilities for an attacker nearly limitless. And it also doesn't matter whether the attacker is motivated by delight in destruction, curiosity, research or he want just to call attention. Every iot security breach shall be a wake-up signal for the manufacturer to improve his processes and to give enhanced attention to security topics.
Security is the main challenge for IoT
My personal opinion is, every collected data shall be properly protected from unauthorized access to prevent from inappropriate usage. And there is no argument like "the data is very simple, who wants to use it?", its simple, there is a reason why the data is collected by you so there will be also a reason why someone others want to steal or to manipulate it.
Here is a simple example: Why should someone illegally observe the state of a parking lot with a usable data size of exactly 1 bit? If the parking lot is personalized you can create a usage profile of the user or observe him without paying for someone who will do it. If the parking lot is not personalized, you can figure out the efficiency or usage profile of the parking garage, which is typically owned by someone, and use this information against him.
Below I've summarized some of the basic techniques I use in my daily work. One short information as a prolog. Typically creating security concepts for internet of things and identify proper techniques is part of a structured process (you can find some details here Find potential security holes efficiently - Simple tips for a security analysis! ). The current article does not describe such a process and also the described techniques do not have a specific context, like "encrypt your sensor data placed on external flash using AES128 , to prevent from reading out". This is just a summary, a summary without any categorization and valuation of the described techniques.
Knowing how hackers operate is the best knowledge base for a good iot security architecture, but not only. You don't need to be a super hacker who knows how to break in bitcoin server or NSA databases but a basic knowledge about the main techniques helps a lot.
You can gain this knowledge for free on the web. Check my article Hacking, top 5 free cyber security training sources for an overview of the best sources.
There a also a lot of good books on the market here are some popular examples
|Example 1||Example 2||Example 3|
|Get it on Amazon||Get it on Amazon||Get it on Amazon|
1. Secure your Radio Communication Channel
The typical communication interface of IoT devices is a radio channel, therefor the logical firts step for a proper internet of things security architecture is to secure exactly this interface. For my opinion it is also one of the most important steps. The reason is very simple, hacking a radio interface can be performed without any physical access to the iot device. The attacker has infinite time and also access to the equipment he needs.
Dependent on the radio technology there are surely differences e.g. BLE has a limited range, therefore, the attacker must be located close to the object. Sigfox and LoRa have a very limited data bandwidth. Nevertheless, good RF communication security concept will increase the time required for an effective attack and therefore lower the risk.
2. Sign your Data
Good, known technique from the "old" cybersecurity areas like network security but still valid also as a part of your internet of things security strategy.
Digital signatures are not the right technique to provide data confidentiality but very useful to verify whether the data is
- manipulated or not and
- originate from the one you expect
Sure signing the data is not a foolproof technique at the end and a system using signatures has to fulfill certain conditions. Here are the main ones:
- The signatory has to protect his signing key as good as possible to keep its trustworthiness
- The auditors has to protect the integrity of his validation key to remain the ability to distinguish between trusted and non-trusted signatory
- Proper technologies must be chosen
Signing sounds complex at the beginning, especially for not technical circle, but creates an "aha-experience" as soon as the advantages and the basic mechanisms are understood.
Creating a digital signature consists of two steps
- create a fingerprint of the source (hashing)
- sign the fingerprint to enable authorization of the signature (encrypt with private key)
To create a fingerprint of digital data, hashing mechanisms are used. For security reasons cryptographic hashing functions are in place and their ability is to create a data block of a fixed size from data of various size. The fixed size data block itself do not disclose any information about the original one, it is just unique like a fingerprint of a person. Changing only one character or a bit in the original data lead to a totally different fingerprint.
The fingerprint, afterward, must be encrypted. For encryption, asymmetric mechanisms are used which can also provide authorization and authentication.
Even for iot devices with a limited number of flash memory, libraries are available for hashing as well as for signature verification. Therefor this should not be an excuse to provide proper IoT security.
3. Store Data in Internal Memory
Not a cryptographic technique but one from the area of system hardening, which is working great in combination with strong security measures.But utilizing the described method only, without using any cryptographic techniques to secure your IoT's data is not recommended while the protection system of common microcontrollers are not that strong to resist to any serious physical attacks. Here are your options for your IoT security portfolio.
Do your microcontroller provide the possibility to store the complete firmware in the internal memory and the amount of data you collect and needs to store persistently requires only some bytes or may be a small number of kilobytes? In this case, the internal memory is maybe the best place to store the data. The difference to external memory solutions like flash or EEPROM components is, an attacker has a very limited access to the communication interface from external, means:
- no wires which can be probed using an oscilloscope or logic analyzer
- JTAG interface can be disabled or secured
- read operations via JTAG can be disabled
- depends on the components package, pins are located in the way that they can not be used without removing the microcontroller
4. Use encryption techniques
One of the most indicated requirements, if the security topic is touched in a meeting, is encryption. Encryption methods can be used to provide both data protection and authorization. Choose the right methods and creating a solid infrastructure around your product can let you forget that you are using encryption methods at all and provide a great user experience. Doing it somehow just because someone said we need to without understanding the reason and the impacts, let your developers and users struggle with the usability.
Just to give a rough overview. In the security world, yes the general one not only the one for IoT security, we are talking about two main types of encryption.
- Symmetric Encryption
- Asymmetric Encryption
Thereby symmetric and asymmetric addresses the keys. In the symmetric world, you have the same key for encryption and decryption. If one of the key instances is stolen, all other instances are also compromised and untrustworthy. The asymmetric world is a little bit different. You have two types of keys public and private with following characteristics.
- Every data which is encrypted using the private key can be decrypted using the public key.
- Data which is encrypted using the public key can only be decrypted having the private key.
Characteristic one fulfills the requirements for signing, one sign all other checks. The second characteristic fulfills the requirements for encryption if you have the public key of someone you can send him an encrypted message and only the owner of the private key can decrypt it.
5. Use standard methods and common crypto libraries
You have a team of great software development experts with some spare time, allow them to do some creative stuff, experiments, let them play or just give them a day off but do not implement your own crypto library to save some budget. Use libraries from the market, in the best case, use an open source one and contribute to the project.
Depending on your IoT security requirements there is also a big chance to find the functionality already build in your target hardware e.g. an AES hardware module or an ECC library in the ROM.
But not only for implementing security functionalities in your internet of things device, also for the standard tasks e.g. command line interpreter, use proven techniques and methods. This gives your team and your company the ability to react faster on upcoming bug reports and vulnerabilities and is in parallel also a nice hardening technique for your device. The intelligence of a crowd is in the most cases higher than the one of a single expert.
If you like this article, you will maybe also interested in others: