Download - Senzations’15: Secure Internet of Things
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Slide title In CAPITALS
50 pt
Slide subtitle 32 pt
Secure Internet of Things: Challenges and potential approaches
Dr.-Ing. Konrad Wrona NATO Communications and Information Agency
1
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Internet of Things
2
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Internet of Threats
3
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Internet of Threats
4
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Internet of Threats
§ A baby monitoring in Texas, USA
§ The newly-crowned Miss Teen USA
§ A botnet of over 100,000 hijacked everyday consumer devices
§ Delivery of incorrect dosages of insulin,
§ Printers catching on fire 5
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
What is Internet of Things?
6
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Attacks on SCADA and M2M
§ Theft of water (Gignac Canal System in France) § Release of raw sewage, Maroochy Shire Sewage
plant in Australia) § Interference with a Landsat-7 earth observation
satellite § Computer viruses infecting the ground-control
systems of the Predator and Reaper remotely piloted aircraft
7
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
What are the solutions
§ Secure configuration of the devices and OS § Secure network communication § Secure storage § Physical security
§ Hack-proof security is unrealistic • Need for intrusion detection and response
§ Defence-in-depth approach • Several complementary security mechanisms • Context-aware security and broken-glass policies
8
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
TLS/DTLS/eDTLS § TLS – Transport Layer Security
• The most widely deployed security protocol • Uses TCP: requires reliable, in-order packet delivery
§ DTLS – Datagram Transport Layer Security • Uses UDP: works with unreliable, out-of-order packet
delivery used in constrained platforms and networks • No multi-record stream cyphers
§ eDTLS on small embedded platforms • Reduced state-machine code size, data overhead,
compressed handshake protocol • More keying flexibility: Pre-shared, raw public/private,
X.509 certificate
9
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Where are the problems
§ Network layer security is the easy part § Security provisioning and management is difficult
• Constrained user interface • Amount of devices • Untrained users
§ Higher security means higher initial cost, complexity, power
• However, data or life loss might be more expensive
10
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Internet of Threats
11
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
DARPA view on IoT security
12
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
So, does all military equipment has military-level security?
13
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Car hacking
14
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Car hacking
15
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Car hacking
16
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Data recorded by automobile manufacturers
§ BMW, Chrysler, Ford, General Motors, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen, and Volvo
§ Aston Martin, Lamborghini, and Tesla did not respond
17
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Data recorded by automobile manufacturers
18
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Data recorded by automobile manufacturers
19
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Data recorded by automobile manufacturers § Physical location recorded at regular
intervals; § Previous destinations entered into
navigation system; § Last location parked. § Potential crash events, such as sudden
changes in speed; § Status of steering angle, brake
application, seat belt use, and air bag deployment;
§ Fault/error codes in electronic systems. § Vehicle speed; § Direction/heading of travel; § Distances and times traveled;
§ Average fuel economy/consumption;
§ Status of power windows, doors, and locks;
§ Tire pressure; § Fuel level; § Engine RPM; § Odometer reading; § Mileage since last oil change; § Battery health; § Coolant temperature; § Engine status; § Exterior temperature and
pressure.
20
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Why worry?
21
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Why we need fine grained access control?
22
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
How to protect customers from the Internet of Threats? § Market design
• Ask at the Business track of the school
§ Legislation
23
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Example of Legislation: Security and Privacy in Your (SPY) Car Act (2015) § Vehicle owners to be made aware of what data is
being collected, transmitted and shared
§ To be offered the chance to opt out of data collection without losing access to key navigation or other features where feasible
§ Requiring an easy method for consumers to evaluate how well an automaker goes beyond the minimums defined in the proposed law
24
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
§ Market design • Ask at the Business track of the school
§ Legislation § Secure design
• Technology • Usability of configuration • Easy understanding of implications
25
How to protect customers from the Internet of Threats?
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
OLP Dimensions
26
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
27
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Proposed solution: CPR
• Originator defines content description (attributes), not confidentiality markings
• Content attributes determine – Protection requirements
• How the content is to be processed and stored – Release conditions
• To whom it can be released
28
{PROTECTION REQUIREMENTS}
{RELEASE CONDITIONS}
Terminal attributes
User attributes
ACCESS REQUEST
D
D
+
RELEASE DECISION
CPRESS
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
NATO Object Level Protection: Content-based Protection and Release
29
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
CPR cryptographic access control: Encryption
30
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
CPR cryptographic access control: Decryption
31
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
BobAlice
sksk
Symmetric Key Encryption Schemes § Same secret key used for encryption and
decryption. § Any user can generate keys. § Relies on an authenticated distribution
mechanism.
32
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
BobAlice
pkCA
sk
pk
sk
Public-Key Encryption Schemes
§ Different keys for encryption and decryption • The encryption key is made public • The decryption key is kept secret
§ Any user can generate keys. § Relies on authenticated distribution mechanism
for public keys.
33
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
BobAlice
sk
[email protected] [email protected]
Key Distribution sk
Identity-Based Encryption Schemes § Public-key encryption scheme with custom-
formatted public keys § No longer relies on authenticated distribution
mechanism for public keys § Private keys need to be generated by a central
entity
34
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
BobAlice
Key Distribution
FemaleMSc
ManagementMale
MedicalTrainee
Female ˅ Trainee
Attribute-Based Encryption Schemes § Extension of IBE where users can be assigned
various attributes • Users receive private keys corresponding to their attributes. • Ciphertexts are linked with a predicate on the attributes. • Decryption ciphertext possible by a user if and only if the linked
predicate evaluates to TRUE on its user attributes.
35
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
§ Predicate Encryption (PE) • Also incorporates schemes that support predicate
hiding. § Functional Encryption (FE)
• Also incorporates schemes where the outcome of a decryption is a non-trivial function of the involved message, predicate and key.
§ Relationship: 𝑃𝐾𝐸⊂𝐼𝐵𝐸⊂𝐴𝐵𝐸⊂𝑃𝐸⊂𝐹𝐸.
Other Related Encryption Schemes
9/4/15 36 NATO UNCLASSIFIED RELEASABLE TO PFP
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Hybrid Encryption with ABE
§ Concept • Encrypt plaintext with symmetric encryption scheme. • Encrypt symmetric key using ABE.
§ Motivation • The overhead of using ABE is relative to the size of
the data it encrypts. • Symmetric keys tend to be much smaller than the
plaintext to be encrypted. • Limited overhead when using symmetric encryption. • This significantly reduces the overhead of using ABE
relative to the plaintext to be encrypted.
37
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Definition Attribute-Based Encryption § Let 𝑃:𝐾×𝐼→{0,1} be a PT predicate. § ABE consists of four PPT algorithms:
Ø (𝑝𝑘,𝑚𝑠𝑘)←𝑆𝑒𝑡𝑢𝑝( 1↑𝜆 ) Ø 𝑠𝑘←𝐾𝑒𝑦𝐺𝑒𝑛(𝑚𝑠𝑘,𝒌) Ø 𝑐←𝐸𝑛𝑐𝑟𝑦𝑝𝑡(𝑝𝑘, (𝒊𝒏𝒅,𝑚)) Ø 𝑦←𝐷𝑒𝑐𝑟𝑦𝑝𝑡(𝑠𝑘,𝑐)
where 𝑘∈𝐾 and 𝑖𝑛𝑑∈𝐼 and Ø 𝑦={█■𝑚 if 𝑃(𝑘,𝑖𝑛𝑑)=1⊥ if 𝑃(𝑘,𝑖𝑛𝑑)=0
38
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Key Policy
§ The key space 𝐾 consists of 𝑛-variable Boolean formulas 𝜙.
§ Elements 𝑖𝑛𝑑=𝑧=( 𝑧↓1 , 𝑧↓2 ,⋯, 𝑧↓𝑛 ) from the index space 𝐼∈ {0,1}↑𝑛 are interpreted as representations of 𝑛 Boolean values.
§ 𝑃(𝜙,𝑧)={█■1 if 𝜙(𝑧)=1 0 otherwise
39
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Ciphertext Policy
§ The key space 𝐾= {0,1}↑𝑛 consists of representations 𝑘=𝑧=( 𝑧↓1 , 𝑧↓2 ,⋯, 𝑧↓𝑛 ) of 𝑛 Boolean values.
§ Elements 𝑖𝑛𝑑=𝜙 from the index space 𝐼 are 𝑛-variable Boolean formulas.
§ 𝑃(𝑧,𝜙)={█■1 if 𝜙(𝑧)=1 0 otherwise
40
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Challenger Adversary
(Setup)
(Query Phase 1)
(Challenge set selection)
(Plaintext submission)
(Query Phase 2)
(Guess)
(Challenge response)
public parameters
key queries
attribute set S not accepted by queried keys
challenge messages m0, m1
Encrypt(pk,(S,m0)) or Encrypt(pk,(S,m1))
queries for keys with policy not accepting S
m0 or m1
Full Security
§ Security defined by the following game:
41 41
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Challenger Adversary
(Setup)
(Query Phase 1)
(Challenge set selection)
(Plaintext submission)
(Query Phase 2)
(Guess)
(Challenge response)
public parameters
attribute set S
challenge messages m0, m1
Encrypt(pk,(S,m0)) or Encrypt(pk,(S,m1))
queries for keys with policy not accepting S
m0 or m1
queries for keys with policy not accepting S
Selective Security
§ Security defined by the following game:
42 42
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Selective Security Limitations
§ Can only use policies that accept the challenge attribute set.
§ Can only use attributes in the challenge attribute set.
• This in particular makes selective security unsuitable for ABE schemes that need to support both positive and negative attributes.
§ Therefore, we mainly focus on fully secure schemes.
43
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
§ Attribute assignments are Boolean. • E.g., a person may get assigned the attribute
“member”, “not a member” or no attribute related to membership at all.
§ Relatively efficient inequality comparisons involving static integers are however possible.
• Uses attributes corresponding to bit representations. • E.g., 6 encodes as the set {“1∗∗”, “∗1∗”, “∗∗0”}. • E.g, 𝑎 < 5 encodes as “0∗∗” ∨ (“∗0∗” ∧ “∗∗0”).
Inequalities in Policies
9/4/15 44 NATO UNCLASSIFIED RELEASABLE TO PFP
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Revocation
§ Revocation mechanism types • Indirect revocation • Direct revocation
§ Efficiency-enhancing techniques for revocation
45
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
USE CASES
46
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
§ Provide protection of information in an environment where both communication and data storage infrastructure are controlled by a third party
§ Support all standard information exchange scenarios
CPR cryptographic access control: Infrastructure
47
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
CPR Example: Information sharing for Passive Missile Defence
48
NATO Desktop located in Class I area NATO employee with
NATO Secret clearance
NATO contractor with NATO Restr. clearance
NATO laptop
Red Cross worker Unknown terminal
Full view
Partial view
Public information only
CPR
Top right corner for field-mark, customer or partner logotypes. See Best practice for example.
Slide title
36 pt
Slide subtitle 24 pt
Text 28 pt
Bullets level 2-5 24 pt
Slide title In CAPITALS
50 pt
Slide subtitle 32 pt
Thank you!