Automatski - The Internet of Things - Security in IoT


Upload: automatskicorporation

Post on 15-Aug-2015


Page 1: Automatski - The Internet of Things - Security in IoT

SECURITY IN IOT

The Internet of Things – Automatski Corp.

http://www.automatski.com

E: [email protected] , Founder & CEO

M:+91-9986574181

E: [email protected] , Director - Sales

M: +91-8884074204

Page 2: Automatski - The Internet of Things - Security in IoT

THE PROBLEM

Any Thing/System with a Server Socket on the Internet can and will be Hacked

Page 3: Automatski - The Internet of Things - Security in IoT

THE SOLUTION

No Server Sockets on the [Edge] Internet

Double DMZs on both sides: (i) Edge & (ii) Data Center

What if we have No Internet facing Server Sockets in the Edge Network, the Gateway is in a DMZ serving edge nodes on the intranet but making only outbound connections over the public internet?

Data Centers to have DMZ Servers and Backend beyond it as usual?

Page 4: Automatski - The Internet of Things - Security in IoT

THE SOLUTION

Page 5: Automatski - The Internet of Things - Security in IoT

SOLUTION: EAVESDROPPING

3072 bit Encrypted Messages… through a 2048bit SSL Transport

Let's look at the Maths behind breaking that

Paraphrased – “DigiCert's base standard is to use 2048-bit keys in secure SSL certificates - that is enormously stronger than anything Lenstra et al attempted, in fact, it would require factoring a 617-digit number. RSA Labs claim (see: http://www.rsa.com/rsalabs/node.asp?id=2004) that 2048-bit keys are 2^32 (2 to the power of 32) times harder to break using NFS, than 1024-bit keys. 2^32 = 4,294,967,296 or almost 4.3 billion, therefore breaking a DigiCert 2048-bit SSL certificate would take about 4.3 billion times longer (using the same standard desktop processing) than doing it for a 1024-bit key. It is therefore estimated, that standard desktop computing power would take 4,294,967,296 x 1.5 million years to break a DigiCert 2048-bit SSL certificate. Or, in other words, a little over 6.4 quadrillion years.”

“In putting together our video, we estimated the age of the Universe to be 13,751,783,021 years or a little over 13.75 billion years*, therefore if you tried to break a DigiCert 2048-bit SSL certificate using a standard modern desktop computer, and you started at the beginning of time, you would have expended 13 billion years of processing by the time you got back to today, and you would still have to repeat that entire process 468,481 times one after the other into our far far distant future before there was a good probability of breaking the certificate. In fact the Universe itself would grow dark before you even got close.”

Ref: https://www.digicert.com/TimeTravel/math.htm

Page 6: Automatski - The Internet of Things - Security in IoT

SOLUTION: MAN IN THE MIDDLE

3072 bit Digital Signatures

Will void any Man-in-the-Middle attacks and will render any injected commands useless, easily identifiable and discardable by the system

Besides offering Authorization and Non-Repudiation

Page 7: Automatski - The Internet of Things - Security in IoT

SO…

The channel seems to be secured…

Now we need to secure the H/W with Secure Boot

Code Signing & Verification

& a Trusted Execution Environment

*** Never underestimate the power of Physical Access

Page 8: Automatski - The Internet of Things - Security in IoT

SECURE BOOT

Secure Boot is a security standard to help make sure that your Device boots using only software that is trusted by the Device manufacturer.

When the Device starts, the firmware checks the signature of each piece of boot software, including firmware drivers (Option ROMs) and the operating system.

If the signatures are good, the Device boots, and the firmware gives control to the operating system.

Page 9: Automatski - The Internet of Things - Security in IoT

THE PROBLEM OF H/W CLONING & COUNTERFEITING?

Secure Boot Secures the Device but how do we tackle the problem of Device Cloning & Counterfeiting???

We need to prevent Physical Attacks on the Device and consequently Logical Attacks on the Transmissions between the device and the system

How do we do that?

Answer: Hardware Intrinsic Security

PUFs: Physically Unclonable Functions (e.g. SRAM PUF) are used to generate the intrinsic fingerprint inherent in each device, which is combined with a unique activation code to produce the secret key. No key is actually stored in the hardware.

Page 10: Automatski - The Internet of Things - Security in IoT

ECC BASED CRYPTO ELEMENTS FROM ATMEL

There are now two Elliptic Curve Cryptography (ECC) crypto element devices in the Atmel CryptoAuthentication family of high-security hardware authentication devices: the ATECC508A and ATECC108A.

ATECC108A

The ATECC108A crypto element contains cryptographic engines that support full 256-bit Elliptic Curve Cryptography including Elliptic Curve Digital Signature Algorithm (ECDSA) sign-verify operations and features cryptographic and hardware defense mechanisms to prevent physical attacks on the device or logical attacks on the data transmitted between the device and the system. Device access is by means of a standard I²C interface or by Single-Wire Interface (SWI). The ATECC108A cryptographic protocols, especially ECDSA, make it ideal for asymmetric authentication applications. Being downward compatible with the ATSHA204A, it also runs symmetric operations. The ATECC108A can generate high-quality FIPS random numbers for any purpose ensuring that replay attacks (i.e. re-transmitting a previously successful transaction) always fail. A wide supply voltage range (2.0V to 5.5V) and an ultra-low sleep current (of <150nA) make it easy to use with any number of systems. The ATECC108A includes an EEPROM array for storage of up to 16 keys, miscellaneous read/write, read-only or secret data, consumption logging, and security configurations. A key feature of the ATECC108A is there is no need for secure storage in the host (asymmetric authentication). The ATECC108A is a pin-for-pin replacement of the ATECC108 and is downward compatible with the ATSHA204A and ATSHA204 crypto element devices.

Benefits

Easy way to run ECDSA Sign-Verify operations

Authentication without the need for secure storage in the host

No requirement for high speed computing in client devices.

Page 11: Automatski - The Internet of Things - Security in IoT

HOW DOES THIS WORK?

It depends on a secret that cannot be copied

A Challenge is presented

The ECC-based IC's response depends on both (i) the challenge and (ii) the secret key
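
The challenge-response flow on this slide, as an added example that is not part of the original deck or Atmel's code: a software P-256 key stands in for the key held inside the crypto element, and the host keeps only the public key. The names `Device`, `NewDevice`, `Respond`, `NewChallenge` and `Verify` and the SHA-256 hashing of the challenge are assumptions made for illustration, not the ATECC108A command set.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T { // panics on error; demo-only handling
	if err != nil {
		panic(err)
	}
	return v
}

// Device stands in for the crypto element; only Respond ever touches the private key.
type Device struct{ key *ecdsa.PrivateKey }

// NewDevice creates a P-256 key pair and returns the public half for host enrollment.
func NewDevice() (*Device, *ecdsa.PublicKey) {
	k := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	return &Device{key: k}, &k.PublicKey
}

// Respond signs the challenge, so the response depends on both challenge and secret key.
func (d *Device) Respond(challenge []byte) []byte {
	h := sha256.Sum256(challenge)
	return must(ecdsa.SignASN1(rand.Reader, d.key, h[:]))
}

// NewChallenge returns a fresh 32-byte random nonce, valid for one authentication only.
func NewChallenge() []byte {
	c := make([]byte, 32)
	must(rand.Read(c))
	return c
}

// Verify checks a response against the enrolled public key; the host stores no secret.
func Verify(pub *ecdsa.PublicKey, challenge, response []byte) bool {
	h := sha256.Sum256(challenge)
	return ecdsa.VerifyASN1(pub, h[:], response)
}

func main() {
	dev, pub := NewDevice()
	c1, c2 := NewChallenge(), NewChallenge()
	fmt.Println("fresh:", Verify(pub, c1, dev.Respond(c1)), "replayed:", Verify(pub, c2, dev.Respond(c1)))
}
```

A response recorded for one challenge fails against the next one, and a device holding a different private key fails against the enrolled public key, which is what defeats replay and cloning respectively.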

Page 12: Automatski - The Internet of Things - Security in IoT

WHAT IF DATA, CONFIGURATION & SETTINGS ARE COPIED?

Answer: Encrypted Storage Vault

Page 13: Automatski - The Internet of Things - Security in IoT

CONCLUSION

We have…

Code Signed the software

Secure Booted the Device

Used H/W security to make sure the H/W wasn’t cloned

Used Encrypted Vault for data, settings and configuration

Used Channel Security to connect with the remote system

Removed Server Sockets from the Device and Gateway so that they cannot be hacked over the wire from outside

I guess! That should do for now!!!

Page 14: Automatski - The Internet of Things - Security in IoT

THANK YOU!

Page 15: Automatski - The Internet of Things - Security in IoT

WHO ARE WE?

10-20+ years of Software Engineering experience each

Global Agile & Technology Consulting, Advisory & Delivery experience of 10-15+ years since Agile and Tech was in Infancy.

The first computers we worked on were Atari and ZX Spectrum ;-) And yes after Basic we went to C/C++ and then straight to Assembly Programming and then -> we began our journey as technologists

Globally Distributed Global & Fortune Company work Experience

Worked with companies like BCG, McKinsey, Fidelity, Tesco, Goldman Sachs…

Long 3-5+ year projects & Over 200+ people globally distributed teams

Led Double Digit Multi-Billion US$ Projects

Blended methodology used comprising of Scrum, XP, Lean and Kanban

From there we rode every wave J2EE, RUP, Six Sigma, CMMI, SIP, Mobile, Cloud, Big Data, Data Science etc…

Individually worked with over 300+ Technologies at a time, literally nothing that scares us

Authors, Speakers, Coaches, Mentors, Scientists, Engineers, Technologists, Marketing, Sales, HR, Finance…

We are Generalists and we Always start with First Principles.

Page 16: Automatski - The Internet of Things - Security in IoT

FURTHER INFORMATION

Please refer to http://automatski.com for more information

Please go through the 2 minute demo, 5 minute demo…

And the showcase section of the website for more information…

Or email us on [email protected]

Or just give us a shout on LinkedIn, Facebook, Twitter, Email etc.