the 5 elements of iot security
TRANSCRIPT
![Page 1: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/1.jpg)
The 5 Elements of IoT Security
Julien Vermillard - Sierra Wireless
![Page 2: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/2.jpg)
Who am I?
Software Engineer Sierra WirelessAirVantage.net cloud service
Eclipse IoT:Leshan project leadWakaama and Californium committer
Twitter: @vrmvrmEmail: [email protected]
![Page 3: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/3.jpg)
Agenda
In the newsHardwareOTA UpgradesSecure CommunicationKey DistributionCloud SecurityOpen Source IoT Infrastructure
![Page 4: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/4.jpg)
In the news
“The killer toaster”
“The nightmare on connected home street”
“What’s wrong with connected devices”
![Page 5: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/5.jpg)
HP Fortify 2014 IoT security report
Reviewed the most popular devices:TVs, webcams, thermostats, poweroutlets, sprinkler controllers, hubs for controlling multiple devices,door locks, home alarms,scales, and garage door openers
90% collected personal data70% used unencrypted network services
http://h20195.www2.hp.com/V2/GetDocument.aspx?docname=4AA5-4759ENW&cc=us&lc=en
![Page 6: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/6.jpg)
Secure your hardware
![Page 7: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/7.jpg)
Hardware security
Risks:Rogue firmwareInvisible backdoorMalicious certificateEavesdropping
Mitigation:Secure storageSecure boot
Drawbacks:Vendor lockTivoization
Nest Example:https://www.blackhat.com/docs/us-14/materials/us-14-Jin-Smart-Nest-Thermostat-A-Smart-Spy-In-Your-Home.pdf
![Page 8: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/8.jpg)
You can’t secure what you can’t update
![Page 9: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/9.jpg)
High engineering and BoM cost!
Custom bootloaderFlash size
![Page 10: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/10.jpg)
Flash & switch update
FirmwareV 1
FirmwareV 2
Bootloader
![Page 11: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/11.jpg)
Reboot & Patch update
Firmware
Patch
Bootloader
![Page 12: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/12.jpg)
Must be bulletproof
Upgrading is hard:
● NAND flash errors
● Unexpected power loss
● Network errors
● Unexpected incompatibilities
● Checksum, cryptographic signature
A 0.1% failure rate on a 1m fleet is 1000 bricked devices
![Page 13: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/13.jpg)
Secure Communication
![Page 14: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/14.jpg)
Cipher suite? Pre-shared key
TLS_PSK_WITH_AES_128_CCM_8TLS_PSK_WITH_AES_128_CBC_SHA256
Client and server have a common secretSymmetric cryptography Tampering the device or the server give you access to all the future and past communications
![Page 15: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/15.jpg)
Secure communication is not cheap
https://tools.ietf.org/html/draft-ietf-lwig-tls-minimal-01+----------------------+-----------------+| | DTLS || +--------+--------+| | ROM | RAM |+----------------------+--------+--------+| State Machine | 8.15 | 1.9 || Cryptography | 3.3 | 1.5 || DTLS Record Layer | 3.7 | 0.5 |+----------------------+--------+--------+| TOTAL | 15.15 | 3.9 |+----------------------+--------+--------+ Table 1: Memory Requirements in KB
![Page 16: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/16.jpg)
Cipher suite? Public Key
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Server and client don’t share private keys,only public keys Perfect forward secrecy: past communication can’t be decrypted after secret compromission
![Page 17: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/17.jpg)
X.509 Certificate
Chain-of-trust for validating identity!
No more credential provisioning
Used for HTTPS
![Page 18: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/18.jpg)
Certificate: revocation checks
Revocation checking is still an issue in 2015:
Validity date checking: RTC? NTP?
More and more complexity on the device side:
CRL, OCSP, stapling
Hard fail? Soft fail? Certificate pinning?
![Page 19: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/19.jpg)
Pre-shared key vs X.509?
PSK is lighter, can run on very small targetX.509 crypto is heavier: (EC)DH,ECDSA/RSA
PSK Infrastructure is simpler but weaker(Hello SIM card key files)
X.509 Public Key Infrastructure is complex, but can be outsourced
![Page 20: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/20.jpg)
Key Distribution
![Page 21: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/21.jpg)
Pre-shared key generation
Everything should be provisioned at factory?
Don’t move big plain text list of credentials
Don’t use stupid formulas:
password = MD5(IMEI + CARRIER_NOT_SO_SECRET)
https://www.blackhat.com/docs/us-14/materials/us-14-Solnik-Cellular-Exploitation-On-A-Global-Scale-The-Rise-And-Fall-Of-The-Control-Protocol.pdf
![Page 22: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/22.jpg)
Secret rotation
Be sure to be ready to change them ASAP
Don’t wait the next Heartbleed for doing it
Good practice:
Changing the factory credential during the 1st
communication
![Page 23: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/23.jpg)
Key management protocols?
Enterprise PKI for X.509: CMP, OCSP
For PSK or X.509: Lightweight M2M bootstrap
![Page 24: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/24.jpg)
LwM2M bootstrap in a nutshell
Flash bootstrap credentials
![Page 25: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/25.jpg)
LwM2M bootstrap in a nutshell
I only have bootstrap credentials or I can’t reach final server
![Page 26: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/26.jpg)
LwM2M bootstrap in a nutshell
POST /bs
Bootstrap Server
![Page 27: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/27.jpg)
LwM2M bootstrap in a nutshell
Write DM URL & credentials
Bootstrap Server
![Page 28: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/28.jpg)
LwM2M bootstrap in a nutshell
DM ServerBootstrap Server
I have credential for the DM server
![Page 29: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/29.jpg)
LwM2M bootstrap in a nutshell
DM ServerBootstrap Server
POST /rd
![Page 30: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/30.jpg)
LwM2M bootstrap in a nutshell
DM ServerBootstrap Server
Start managing the device
![Page 31: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/31.jpg)
Server Security
![Page 32: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/32.jpg)
Why it’s mattering?
Risk:Takeover of your whole device fleetYou are a juicy target
Mitigations:More security (ex. 2 factor auth) than classical web serviceCollect only the necessary dataIsolate as much as possible web and devices
![Page 33: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/33.jpg)
Now where I start?
![Page 34: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/34.jpg)
Ask more time/budget?
![Page 35: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/35.jpg)
![Page 36: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/36.jpg)
Now you are part of the70% unencrypted network services
![Page 37: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/37.jpg)
Open-source to the rescue!
![Page 38: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/38.jpg)
Eclipse IoT - Leshan
Lightweight M2M implementation in Java
A library for building:
bootstrap, and device management servers
Support DTLS PSK, RPK, (X.509 soon)
And also client for beefier devices or testing
![Page 39: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/39.jpg)
Eclipse IoT - Leshan
Update firmware, software
Manage secrets (bootstrap)
Monitor and configure device
Can support custom object for applications
IPSO objects
![Page 40: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/40.jpg)
Eclipse IoT - Wakaama
C implementation of Lightweight M2M
Focused on embedded
Bring your own IP stack
Bring your own DTLS implementation
Bootstrap supported
![Page 41: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/41.jpg)
Eclipse IoT - Wakaama
You can receive packages for firmware/software update
But you need to implement live re-flashing on your platform
Known to be running on Linux, Arduino mega, ARM Cortex processors
![Page 42: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/42.jpg)
TinyDTLS | https://tindydtls.sf.net
MIT License, Eclipse proposal!
“Support session multiplexing in single-threaded applications and thus targets specifically on embedded systems.”
Examples for Linux, or Contiki OS
![Page 43: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/43.jpg)
TinyDTLS
Supported ciphersuites:
TLS_PSK_WITH_AES_128_CCM_8
TLS_ECDHE_ECDSA_WITH_AES128_CCM_8
![Page 44: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/44.jpg)
Demo!
![Page 45: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/45.jpg)
From Toolbox
![Page 46: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/46.jpg)
To Jump start
![Page 48: The 5 elements of IoT security](https://reader033.vdocuments.us/reader033/viewer/2022051502/58f9b3a1760da3da068bd801/html5/thumbnails/48.jpg)
+1 0 -1
Sign in: www.eclipsecon.org
Evaluate the sessions