Most of the time, we’re surrounded by dozens of devices with connectivity to the World Wide Web. Whether they are directly part of our inventory or buried in our environment, these devices are in constant contact with anyone savvy enough to detect and connect to them.
In some cases there’s less concern, because the information being accessed is less sensitive. If someone hacks into our Fitbit or smartwatch, they get a kick out of knowing our real-time blood pressure and heart rate. In many cases, though, the concern is greater, due to the sensitive nature of the information.
This is because more of our lives depend on devices like phones that hold our contacts and all their sensitive information such as email addresses, locations, passwords, banking, and credit card information. In addition, they can double as remote surveillance with cameras, microphones, and location data.
Identity management is perhaps one of the most critical concerns as our information infrastructure moves forward and evolves. These concerns span local and global access to devices and to the governmental, capitalistic, and society-dependent systems for energy, transportation, distribution, and management. If machines can’t reliably identify and authenticate themselves, the situation begins to devolve quickly.
Therein lies the problem. The internet was an outgrowth of a data-sharing topology used by the Defense Advanced Research Projects Agency (DARPA) and universities to help researchers collaborate. Its protocols were not designed to be secure. As it became a public information exchange network, attempts were made to encrypt the data payloads. While this can help, the structure of data centers, routers, and switches makes several types of attacks possible. We will look at some of these attacks—and solutions the industry uses to fight back.
Basic Security Concerns
The most basic level of security for the average internet user and device is identity verification and protection. We all use passwords as authentication mechanisms for our emails, apps, and service subscriptions. These are examples of one-way authentication. The service we are trying to access requests the password. Anyone who knows the password can gain access. Two-way authentication requires users to provide more information. And so on.
Typically, passwords and login information are not encrypted, but this is changing. Several communications apps and messengers advertise end-to-end encryption, which is a good start. This can be applied to handheld mobile devices or embedded and buried IoT devices.
Another level is independent verification. Here, an email program, for example, will contact a cell phone and ask if it is a valid login attempt. It will also notify the account holder to let them know if a login attempt is made on another device. This approach works well if a would-be hacker doesn’t have access to all the back channels, but this may not be as feasible for buried IoT devices that typically have just one way of communicating. Even if it has Bluetooth and Wi-Fi, both will normally use the same access point.
Challenges to Securing Devices
When people are in the verification loop, it is easier to verify identity. “Are you a robot” is an example of a check that people can perform but embedded devices typically can’t, because IoT devices are small, cheap, and dedicated to achieving an essential function. Adding high-power processing resources adds too much of a cost burden.
Significant challenges to the security of IoT devices remain. Even high-powered desktops with complex operating systems constantly require updates to patch security gaps. Adding firmware update capability to an IoT device opens another door for would-be hackers to get in.
Another challenge is to identify the type of attack. A man-in-the-middle attack is one in which someone enters the data stream between two communicating devices. It can intercept and modify data, then take control of remote hardware.
Endpoint attacks can disregard verification techniques by jamming proper channels and spoofing a vulnerable device. Higher-level attacks can use back doors in equipment to take control of routers and switches. Denial-of-service attacks can flood a device with nonsensical communications, rendering it inaccessible to the actual desired host. Keeping costs low means minimal protection from outsiders.
Best Solutions
Cybersecurity experts are working on solutions, and several techniques and approaches are being explored. Schemes like hardware serialization that can resist attacks like man-in-the-middle, masquerading, cloning, or replay can dissuade the novice, but not the professional. Furthermore, many IoT devices are simple, low-cost, price-sensitive devices that cannot handle the imposed cost of complex authentication algorithms.
The same holds true for the Secure Vault approach, where mutual authentication occurs between IoT devices and servers. Using a multi-password (or multi-key) approach, side-channel and dictionary attacks can be mitigated. The ‘shared secret’ between the IoT server and IoT device can be done without the computational and architectural overhead. But, like every other connected island, all the communications can be sniffed, intercepted, and redirected.
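The multi-key idea above, as an added sketch that is not from the original article or from the Secure Vault authors: device and server hold the same vault of keys, and each side proves knowledge of a randomly chosen subset without sending any key. HMAC-SHA256 over XOR-combined keys is an assumed stand-in for the scheme's own cryptography, and the vault size, key length and role tags are constructed for illustration.

```python
import hashlib
import hmac
import secrets

VAULT_SIZE, KEY_LEN, PICKS = 8, 16, 3   # constructed sizes for illustration

def new_vault():
    """Provision n random keys; the same vault is stored on device and server."""
    return [secrets.token_bytes(KEY_LEN) for _ in range(VAULT_SIZE)]

def make_challenge():
    """A fresh random subset of vault indices plus a nonce."""
    rng = secrets.SystemRandom()
    return sorted(rng.sample(range(VAULT_SIZE), PICKS)), secrets.token_bytes(16)

def session_key(vault, indices):
    """XOR the selected vault keys into one per-challenge key."""
    key = bytes(KEY_LEN)
    for i in indices:
        key = bytes(a ^ b for a, b in zip(key, vault[i]))
    return key

def respond(vault, challenge, role):
    """Prove knowledge of the selected keys without sending any of them."""
    indices, nonce = challenge
    # The role tag (assumed here) stops one side's answer being reflected back.
    msg = role + bytes(indices) + nonce
    return hmac.new(session_key(vault, indices), msg, hashlib.sha256).digest()

def verify(vault, challenge, role, response):
    """Constant-time comparison against the locally computed answer."""
    return hmac.compare_digest(respond(vault, challenge, role), response)

def mutual_auth(server_vault, device_vault):
    """Each side challenges the other; both checks must pass."""
    c1 = make_challenge()                      # server -> device
    r1 = respond(device_vault, c1, b"device")  # device -> server
    c2 = make_challenge()                      # device -> server
    r2 = respond(server_vault, c2, b"server")  # server -> device
    return (verify(server_vault, c1, b"device", r1)
            and verify(device_vault, c2, b"server", r2))

def replay_accepted(vault):
    """A sniffed response replayed against a new challenge should be rejected."""
    captured = respond(vault, make_challenge(), b"device")
    return verify(vault, make_challenge(), b"device", captured)
```

Because every challenge carries a fresh nonce and a different key subset, traffic that is sniffed on the wire cannot simply be replayed, although it can still be observed and redirected as the paragraph notes.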
Another research approach is cryptographic protocols that leverage physical unclonable functions (PUFs). This approach uses an input-to-output mapping that depends on the unique characteristics of the physical hardware, minimizing private key exposure but adding overhead and lifecycle support layers as new hardware emerges. Anyone with one of these devices can emulate all input-to-output mapping.
The use of digital signatures is still an option. Multi-factor authentication can be performed for a device and server with low overhead, allowing device access to the network to pass all the local tests. And this brings up another point. It is one thing to hack globally into devices on the other side of the world, but a local, on-site hacker with tools at their disposal can circumvent many of the safeguards we take for granted.
It is akin to someone tapping an old-style phone line. If the user is on the other side of the world, it is quite a task to take control of multiple phone company computers and route to a specific phone line around the globe, but locally, all that’s needed is the simple connection of two wires.
Other Methods of Consideration
Some have proposed blockchain for IoT devices, but from a cost, environmental, and energy consumption perspective, this is not feasible—yet. Furthermore, the complexity of authentication far outpaces the capabilities of the processors on most low-cost devices.
One technique gaining some traction pairs X.509 certificates with a Trusted Platform Module (TPM), a chip that can store certificates and endorsement keys. This technique uses a Public Key Infrastructure called PKIX and a private key stored in a TPM. TPM key attestation lets the entity requesting a certificate prove cryptographically that its RSA key is protected by a TPM.
The truth is that users may not want security on embedded and buried IoT devices that exist for comfort, luxury, and safety. If someone around the world turns on your lights, it is not a big deal. As a result, these devices can remain low-cost and simple.
For IoT devices that are part of a critical infrastructure that we depend on, perhaps independent notification to an administrator can grant access. A text, for example, can be sent to the administrator asking if it is OK to close a coolant valve at a nuclear power plant. While seemingly simple methods may add more complexity to the process, in these cases, security is key. While there are certainly barriers and legitimate concerns, we must continue to discuss them until even greater solutions arise. With the great engineering minds of today, it’s only a matter of time.
Courtesy: Mouser Electronics