IoT Security - Critical cryptographic capabilities
Editor's Note: Securing the Internet of Things is critical not only for the integrity of data streams and software within each IoT application, but also for the integrity of the enterprise resources tied into those applications. IoT security is a complex problem, requiring a systematic approach for understanding possible threats and corresponding mitigation methods.
Adapted from Internet of Things for Architects, by Perry Lea.
Chapter 12. IoT Security
By Perry Lea
Cryptographic hash (authentication and signing)
Hashing functions represent the third type of cipher technology to consider. They are typically used to generate a digital signature, and they are considered "one-way" or practically impossible to invert: recovering the original data from a hash output would require a brute-force search over every possible input. The key attributes of a hashing function include:
Always generates the same hash from the same input
Quick to compute but not free (see proof of work)
Non-reversible: the original message cannot be regenerated from the hash value
A small change to the input produces a large, unpredictable change in the output (the avalanche effect)
Two different messages should never produce the same hash value (collision resistance)
The effects of cryptographic hashing functions like SHA-1 (Secure Hash Algorithm 1) can be demonstrated by altering just one character in a longer string:
Input: Boise Idaho
Input: boise Idaho
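The following script is an added example (not from the book) that computes the digests of the two inputs above with Python's standard hashlib, counts how many output bits flip when only the first character changes, and shows the constant-time comparison a downloader should use when checking a published digest against a file. The helper names are ours.

```python
import hashlib
import hmac

def digest(data: bytes, algo: str = "sha256") -> str:
    """Hex digest of data under the named hash (e.g. sha1, sha256, sha3_256)."""
    return hashlib.new(algo, data).hexdigest()

def differing_bits(hex_a: str, hex_b: str) -> int:
    """Number of bit positions that differ between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def avalanche_report(a: bytes, b: bytes, algo: str = "sha256") -> dict:
    """Hash both inputs and report how much of the output changed."""
    ha, hb = digest(a, algo), digest(b, algo)
    return {"hash_a": ha, "hash_b": hb, "bits": len(ha) * 4,
            "changed": differing_bits(ha, hb)}

def verify_content(data: bytes, expected_hex: str, algo: str = "sha256") -> bool:
    """Check a file/image against a published digest without leaking timing info."""
    return hmac.compare_digest(digest(data, algo), expected_hex.lower())

if __name__ == "__main__":
    # The two inputs from the text: same words, one character changed in case.
    original, altered = b"Boise Idaho", b"boise Idaho"
    for algo in ("sha1", "sha256"):
        r = avalanche_report(original, altered, algo)
        print(f"{algo}: {r['hash_a']}")
        print(f"{algo}: {r['hash_b']}")
        print(f"  {r['changed']} of {r['bits']} output bits changed\n")
    # Determinism: the same input always yields the same digest.
    assert digest(original) == digest(original)
    # Integrity check as used for firmware or disk images (constructed sample data).
    published = digest(original)
    print("intact image verifies:", verify_content(original, published))
    print("modified image verifies:", verify_content(altered, published))
```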
SHA algorithms are used extensively in applications such as:
TLS certificate signing for web browsing (HTTPS)
Validating file or disk image content authenticity
Most hash functions are built upon the Merkle-Damgård construction. Here, the input is padded and split into equally sized blocks, which are processed serially by a compression function that combines each block with the output of the previous step. An Initialization Vector (IV) seeds the process. If the compression function is collision-resistant, the whole hash inherits that collision resistance. SHA-1 is built upon this Merkle-Damgård construction:
SHA-1 algorithm. Input split into five 32-bit chunks
In general, the SHA algorithm's input message must be less than 2^64 bits. The message is processed sequentially in 512-bit blocks. SHA-1 is now superseded by stronger functions such as SHA-256 and SHA-3. SHA-1 was found to be vulnerable to collisions: while it takes approximately 2^51 to 2^57 operations to find one, only a few thousand dollars of rented GPU time is needed to do so. Thus, the recommendation is to move to the stronger SHA models.
Public Key Infrastructure
Asymmetric cryptography (public key) is a mainstay of internet commerce and communication. It has routinely been used for SSL and TLS connection on the web. A typical use is public key encryption, where data in transit is encrypted by anyone holding the public key but can only be decrypted by the holder of the private key. Another use is digital signatures, where a blob of data is signed with a sender's private key and the receiving party can verify the authenticity if they hold the public key.
To assist with providing public keys with confidence, a process known as Public Key Infrastructure (PKI) is used. To guarantee authenticity, trusted third parties known as Certificate Authorities (CA) manage roles and policies to create and distribute digital certificates. Symantec, Comodo, and GoDaddy are the largest public issuers of TLS certificates. X.509 is a standard that defines public key certificate formats. It is the basis of TLS/SSL and HTTPS secure communication. X.509 defines such things as the encryption algorithm used, expiration dates, and the issuer of the certificate.
PKI consists of a Registration Authority (RA) that verifies the sender, manages specific roles and policies, and can revoke certificates. The RA also communicates with a Validation Authority (VA) to transfer revocation lists. The CA issues the certificate to the sender. When a message is received, the key can be validated by the VA to verify that it hasn't been revoked.
The following figure shows an example PKI infrastructure: the CA, RA, and VA systems involved and the phases of granting and verifying a key used to encrypt a message:
PKI infrastructure example
Network stack – Transport Layer Security
Transport Layer Security (TLS) has been covered in many areas of this book, from TLS and DTLS for MQTT and CoAP to network security over the WAN and PAN security. Each has had some form of reliance on TLS. TLS also brings together all the cryptographic protocols and technologies we mention. This section briefly covers the TLS1.2 technology and process.
Originally SSL (Secure Sockets Layer), introduced in the 1990s, it was replaced by TLS in 1999. TLS 1.2 is the current specification, RFC 5246, as of 2008. TLS 1.2 uses SHA-256 in place of SHA-1 to strengthen its security profile.
In TLS encryption, the process is as follows:
The client opens a connection to a TLS-capable server (port 443 for HTTPS)
The client presents a list of the cipher suites it supports
The server picks a cipher and hash function and notifies the client
The server sends a digital certificate to the client, which names the issuing certificate authority and contains the server's public key
The client confirms the validity of the certificate
A session key is generated either by:
The client encrypting a random number with the server's public key and sending the result to the server. Server and client then use that random number to create a session key, which is used for the duration of the communication.
Using Diffie-Hellman key exchange to generate a session key used for encryption and decryption. The session key is used until the connection is closed.
Communication starts using the encrypted channel
Shown below is the handshaking process for TLS1.2 communication between two devices:
TLS 1.2 handshake sequence
Datagram Transport Layer Security (DTLS) is a communications protocol for datagram transports based on TLS (DTLS 1.2 is based on TLS 1.2). It is intended to provide similar security guarantees. The CoAP lightweight protocol uses DTLS for security.
The next article in this series will discuss software-defined perimeters and blockchains in the IoT.
Reprinted with permission from Packt Publishing. Copyright © 2018 Packt Publishing
Perry Lea is a 27-year veteran in the technology industry and sees himself as a technologist, strategist, business developer, entrepreneur, researcher and inventor. Besides writing the book, Internet of Things for Architects, he holds more than 50 patents. He served as Chief Architect at Hewlett Packard, where he architected and steered the design of more than 60 product lines. He holds three engineering degrees and a post graduate degree from Columbia University.