IoT Security – Critical cryptographic capabilities

Editor's Note: Securing the Internet of Things is critical not only for the integrity of data streams and software within each IoT application, but also for the integrity of the enterprise resources tied into those applications. IoT security is a complex problem, requiring a systematic approach for understanding possible threats and corresponding mitigation methods.

Adapted from Internet of Things for Architects, by Perry Lea.

Chapter 12. IoT Security
By Perry Lea

Cryptography (Continued)

Cryptographic hash (authentication and signing)

Hashing functions represent the third type of cipher technology to consider. They are typically used to generate a digital signature. They are also considered “one-way” or practically impossible to invert: recovering the original data from a hash value would require a brute-force search over every possible input. The key attributes of a hashing function include:

  • It always generates the same hash from the same input

  • It is quick to compute but not free (see proof of work)

  • It is non-reversible; the original message cannot be regenerated from the hash value

  • A small change to the input results in a large, unpredictable change in the output

  • Two different messages should never produce the same hash value (collision resistance)

The effects of cryptographic hashing functions like SHA1 (Secure Hash Algorithm) can be demonstrated by altering just one character in a longer string:

Input: Boise Idaho
SHA1 Hash Output: 375941d3fb91836fb7c76e811d527d6c0a251ed4

Input: boise Idaho
SHA1 Hash Output: 0c119c937cee823744202f0de80ca997acd864ee

SHA algorithms are used extensively in applications such as:

  • Git repositories

  • TLS certificate signing for web browsing (HTTPS)

  • Validating file or disk image content authenticity
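The avalanche effect shown with the two “Boise Idaho” inputs, and the file-integrity use case in the list above, can both be exercised with Python's standard library. This is an added example, not code from the book; the function names, the algorithm choice (SHA-256 by default, SHA-1 only to reproduce the book's demonstration) and the sample inputs are my own. The one published value it checks against is the well-known SHA-256 digest of the string "abc".

```python
import hashlib
import hmac
from typing import Iterable

def digest_hex(data: bytes, algorithm: str = "sha256") -> str:
    """Hash a byte string with a named hashlib algorithm and return the hex digest."""
    h = hashlib.new(algorithm)
    h.update(data)
    return h.hexdigest()

def bit_difference(hex_a: str, hex_b: str) -> int:
    """Count the bits that differ between two equal-length hex digests.

    For a good hash, flipping one input character changes roughly half of the
    output bits (the avalanche effect); this makes the effect measurable."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must be the same length")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def stream_digest(chunks: Iterable[bytes], algorithm: str = "sha256") -> str:
    """Hash a large image incrementally (e.g. a firmware file read in blocks),
    so the whole file never has to sit in memory."""
    h = hashlib.new(algorithm)
    for chunk in chunks:
        h.update(chunk)
    return h.hexdigest()

def verify_digest(data: bytes, expected_hex: str, algorithm: str = "sha256") -> bool:
    """Check downloaded content against a published digest.

    hmac.compare_digest runs in constant time, so a comparison that fails on
    the first byte takes as long as one that fails on the last; a plain ==
    leaks how many leading characters matched."""
    return hmac.compare_digest(digest_hex(data, algorithm), expected_hex.lower())

# Known SHA-256 of the ASCII string "abc" (a published test vector).
SHA256_ABC = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"

def avalanche_demo() -> dict:
    """Reproduce the book's one-character change with SHA-1 and measure it."""
    a = digest_hex(b"Boise Idaho", "sha1")
    b = digest_hex(b"boise Idaho", "sha1")
    return {"hash_a": a, "hash_b": b, "bits_changed": bit_difference(a, b), "bits_total": 160}

if __name__ == "__main__":
    print(avalanche_demo())
    print("abc verifies:", verify_digest(b"abc", SHA256_ABC))
```

Use `stream_digest` for anything larger than a few megabytes, and always use `verify_digest` (or `hmac.compare_digest` directly) rather than `==` when the expected digest comes from an untrusted party.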

Most hash functions are built upon the Merkle-Damgård construction. Here, the input is padded and split into equally sized blocks, which are processed serially: each block is fed through a compression function together with the output of the previous compression. An Initialization Vector (IV) seeds the chain. The construction inherits its strength from the compression function: if the compression function is collision resistant, the resulting hash is too. SHA-1 is built upon this Merkle-Damgård construction:

SHA-1 algorithm. Input split into five 32-bit chunks

In general, the SHA algorithm's input message must be less than 2^64 bits. The message is processed sequentially in 512-bit blocks. SHA-1 is now superseded by stronger algorithms such as SHA-256 and SHA-3. SHA-1 was found to be vulnerable to “collisions” (two different inputs producing the same hash). While finding a collision takes approximately 2^51 to 2^57 operations, that amounts to only a few thousand dollars of rented GPU time. Thus, the recommendation is to move to the stronger SHA variants.
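To make the chaining and padding concrete, here is a miniature Merkle-Damgård hash in Python. It is an added example, not code from the book or from any SHA standard: the block size (8 bytes instead of SHA-1's 64), the 64-bit chaining value (instead of SHA-1's five 32-bit words) and the compression function are all my own constructed choices, and the compression function is deliberately simple and offers no security. What it does reproduce faithfully is the structure the text describes: an IV, fixed-size blocks processed in sequence, each block compressed together with the previous output, and the length-padding (“Merkle-Damgård strengthening”) that real SHA functions apply so that messages of different lengths never share a padded block sequence.

```python
import struct

BLOCK_BYTES = 8                    # constructed toy block size; SHA-1 uses 64 bytes (512 bits)
STATE_MASK = (1 << 64) - 1         # 64-bit chaining value; SHA-1 carries 5 x 32 bits = 160 bits
IV = 0x6A09E667F3BCC908            # constructed seed value, the role the IV plays in SHA-1

def compress(state: int, block: bytes) -> int:
    """Toy compression function: maps (chaining value, one block) -> new chaining value.

    Insecure by design; it only stands in for SHA-1's 80-round block function
    so the surrounding construction is visible."""
    assert len(block) == BLOCK_BYTES
    (word,) = struct.unpack(">Q", block)
    x = (state ^ word) & STATE_MASK
    for _ in range(8):
        x = ((x << 13) | (x >> 51)) & STATE_MASK                 # rotate left by 13
        x = (x * 0x9E3779B97F4A7C15 + 0x2545F4914F6CDD1D) & STATE_MASK
        x ^= x >> 29
    return (x + state) & STATE_MASK                              # feed-forward, as in SHA-1/SHA-2

def pad(message: bytes) -> bytes:
    """Merkle-Damgard strengthening: append a single 1 bit (0x80), zero-fill,
    then the original message length in bits as a big-endian 64-bit field,
    so the result is a whole number of blocks."""
    bit_length = len(message) * 8
    padded = message + b"\x80"
    while (len(padded) + 8) % BLOCK_BYTES:       # leave exactly 8 bytes for the length field
        padded += b"\x00"
    return padded + struct.pack(">Q", bit_length)

def blocks(data: bytes):
    """Yield the padded data one block at a time, in order."""
    for i in range(0, len(data), BLOCK_BYTES):
        yield data[i:i + BLOCK_BYTES]

def md_hash(message: bytes) -> str:
    """Run the chain: state_0 = IV, state_i = compress(state_{i-1}, block_i); output the final state."""
    state = IV
    for block in blocks(pad(message)):
        state = compress(state, block)
    return f"{state:016x}"

if __name__ == "__main__":
    for msg in (b"", b"abc", b"Boise Idaho", b"boise Idaho"):
        print(f"{msg!r:16} -> {md_hash(msg)}  ({len(pad(msg)) // BLOCK_BYTES} block(s))")
```

The `pad` function is the part worth studying: without the trailing length field, a message and the same message with an extra zero block appended could hash to the same value, which is exactly the kind of trivial collision the construction is designed to rule out.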

Public Key Infrastructure

Asymmetric cryptography (public key) is a mainstay of internet commerce and communication. It has routinely been used for SSL and TLS connections on the web. A typical use is public key encryption, where data in transit can be encrypted by anyone holding the public key but can only be decrypted by the holder of the private key. Another use is digital signatures, where a blob of data is signed with the sender's private key and the receiving party can verify its authenticity if they hold the sender's public key.

To distribute public keys with confidence, a process known as Public Key Infrastructure (PKI) is used. To guarantee authenticity, trusted third parties known as Certificate Authorities (CA) manage roles and policies to create and distribute digital certificates. Symantec, Comodo, and GoDaddy are the largest public issuers of TLS certificates. X.509 is the standard that defines public key certificate formats. It is the basis of TLS/SSL and HTTPS secure communication. X.509 defines such things as the signature algorithm used, expiration dates, and the issuer of the certificate.

A PKI consists of a Registration Authority (RA) that verifies the identity of the sender, manages specific roles and policies, and can revoke certificates. The RA also communicates with a Validation Authority (VA) to transfer revocation lists. The CA issues the certificate to the sender. When a message is received, the key can be checked against the VA to verify that it hasn't been revoked.

The following figure shows an example of a PKI infrastructure: the CA, RA, and VA systems involved, and the phases of granting and verifying a key that is then used to encrypt a message:

PKI infrastructure example

Network stack – Transport Layer Security

Transport Layer Security (TLS) has been covered in many areas of this book, from TLS and DTLS for MQTT and CoAP to network security over the WAN and PAN security. Each has had some form of reliance on TLS. TLS also brings together all the cryptographic protocols and technologies we have mentioned. This section briefly covers the TLS 1.2 technology and process.

TLS originated as SSL (Secure Sockets Layer), introduced in the 1990s and replaced by TLS in 1999. TLS 1.2, specified in RFC 5246, has been the current specification since 2008. TLS 1.2 uses SHA-256 in place of SHA-1 to strengthen its security profile.

In TLS encryption, the process is as follows:

  1. The client opens a connection to a TLS-capable server (port 443 for HTTPS)

  2. The client presents a list of supported ciphers that can be used

  3. The server picks a cipher and hash function and notifies the client

  4. The server sends a digital certificate to the client which includes a certificate authority and the server's public key

  5. The client confirms the validity of the certificate

  6. A session key is generated either by:

    1. The client encrypts a random number with the server's public key and sends the result to the server. Server and client then use the random number to derive a session key, which is used for the duration of the communication.

    2. Using Diffie-Hellman key exchange to generate a session key used for encryption and decryption. The session key is used until the connection is closed.

  7. Communication starts using the encrypted channel
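The client side of the steps above, and the PKI trust decision in step 5, map directly onto settings in Python's standard `ssl` module. The following is an added example, not code from the book: it builds a client context that refuses anything older than TLS 1.2, insists on a CA-validated certificate whose name matches the server, and restricts TLS 1.2 key exchange to ephemeral Diffie-Hellman (ECDHE) with AEAD ciphers, so step 6b is the only option. The function names and the `cafile` parameter are my own; the OpenSSL cipher-string syntax and the `ssl` APIs are real. No network connection is made, so it runs offline.

```python
import ssl
from typing import Optional

# Constructed OpenSSL cipher string: ephemeral ECDH key exchange (forward secrecy) with
# AEAD ciphers only; anonymous, null, MD5-based and RC4 suites are excluded explicitly.
CIPHER_POLICY = "ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!MD5:!RC4"

def make_client_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Build a client-side TLS context that enforces the handshake policy described above."""
    # PROTOCOL_TLS_CLIENT already defaults to CERT_REQUIRED and check_hostname=True;
    # the explicit assignments below document the intent and survive future changes.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2        # refuse SSLv3, TLS 1.0 and TLS 1.1
    ctx.verify_mode = ssl.CERT_REQUIRED                 # step 5: the server certificate must validate
    ctx.check_hostname = True                           # ... and its name must match the host we asked for
    if cafile:
        ctx.load_verify_locations(cafile=cafile)        # trust anchors: the CA(s) this device accepts
    else:
        ctx.load_default_certs()                        # otherwise the operating system's trust store
    ctx.set_ciphers(CIPHER_POLICY)                      # steps 2/3/6b: what the client will offer
    return ctx

def describe_context(ctx: ssl.SSLContext) -> dict:
    """Summarise the negotiable properties of a context so a policy can be checked in a test."""
    tls12 = sorted(c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.2")
    return {
        "min_version": ctx.minimum_version.name,
        "verify_mode": ctx.verify_mode.name,
        "check_hostname": ctx.check_hostname,
        "tls12_ciphers": tls12,
        "all_forward_secret": all(name.startswith("ECDHE") for name in tls12),
    }

if __name__ == "__main__":
    import pprint
    pprint.pprint(describe_context(make_client_context()))
```

Wrap a socket with `ctx.wrap_socket(sock, server_hostname=host)` to run the handshake; omitting `server_hostname` disables the hostname check that step 5 depends on. Python's `ssl` module does not implement DTLS, so a CoAP client needs a separate DTLS library, but the same policy (minimum version, mandatory certificate validation, forward-secret ciphers) applies there.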

Shown below is the handshaking process for TLS1.2 communication between two devices:


TLS 1.2 handshake sequence

Datagram Transport Layer Security (DTLS) is a communications protocol at the datagram layer based on TLS (DTLS 1.2 is based on TLS 1.2). It is intended to provide similar security guarantees. The CoAP lightweight protocol uses DTLS for security.

The next article in this series will discuss software-defined perimeters and blockchains in the IoT.

Reprinted with permission from Packt Publishing. Copyright © 2018 Packt Publishing

Perry Lea is a 27-year veteran in the technology industry and sees himself as a technologist, strategist, business developer, entrepreneur, researcher and inventor. Besides writing the book, Internet of Things for Architects, he holds more than 50 patents. He served as Chief Architect at Hewlett Packard, where he architected and steered the design of more than 60 product lines. He holds three engineering degrees and a post graduate degree from Columbia University.
