Thomas Ulz, Thomas Pieber, Christian Steger1

Slides:

Advertisements

Similar presentations

Chris Karlof and David Wagner

Advertisements

A Comprehensive Study for RFID Malwares on Mobile Devices TBD.

NFC Devices: Security and Privacy

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Configure a Wireless Router LAN Switching and Wireless – Chapter 7.

Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Building an Application Server for Home Network based on Android Platform Yi-hsien Liao Supervised by ： Dr. Chao-huang Wei Department of Electrical Engineering.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Presented by: Arpit Jain Guided by: Prof. D.B. Phatak.

SEC835 Database and Web application security Information Security Architecture.

Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009.

Confidential & proprietary M2M communications in Transportation industry.

King Fahd University of Petroleum & Minerals Electrical Engineering Department EE400 PROJECT Personal Area Networks Instructed by Dr.AlGhadbanPresenters.

Near Field Communication Systems Patras, July 2006.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

György Kálmán, Josef Noll IEEE Symposium on Wireless Pervasive Computing, Santorini, Greece Speaker: 黃韋綸 User Controlled Content Access.

Computer Science 1 TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks Speaker: Sangwon Hyun Acknowledgement: Slides were.

Lecture 24 Wireless Network Security

An Analysis of Bluetooth Security Team A: Padmaja Sriraman Padmapriya Gudipati Sreenivasulu Lekkala.

Azam Supervisor : Prof. Raj Jain

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 24 “Wireless Network Security”.

Your Wireless Network has No Clothes* William A. Arbaugh, Narendar Shankar Y.C. Justin Wan University of Maryland Presentation by Eddy Purnomo,

Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.

NETWORKING & SYSTEM UPDATES

Network and Internet Security Prepared by Dr. Lamiaa Elshenawy

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

György Kálmán, Josef Noll Mobile and Wireless Communications Summit, th IST 1-5, July 2007 Speaker : 黃韋綸 Right Management Infrastructure for Home.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Security of the Internet of Things: perspectives and challenges

What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Literature by S. Demetriou et al. Presented.

ABSTRACT Near Field Communication (NFC) is based on a short- range wireless connectivity, designed for intuitive, simple and safe interaction between.

Security Architecture and Design Chapter 4 Part 4 Pages 377 to 416.

NETWORK AND COMMUNICATIONS

A Low Cost, Portable Platform for Information Assurance and Security Education Dan C. Lo, Kai Qian Department of Computer Science and Software Engineering.

chownIoT Secure Handling of Smart Home IoT Devices Ownership Change

English for Advance Learners I

Wireless Protocols WEP, WPA & WPA2.

TinySec: Security for TinyOS

Cryptography and Network Security

Network Security Analysis Name : Waleed Al-Rumaih ID :

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.

2N® Access Unit Bluetooth

Security and Encryption

A Secure Anonymity Preserving Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications, ahead of.

BENJAMIN BILLET and VALERIE ISSARNY

network interface card (NIC)

Cryptography and Network Security

Internet of Things Vulnerabilities

Wireless LAN Security 4.3 Wireless LAN Security.

Mike Pappas, Nigel Himmelreich, Eric Anderson

January 15th Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Security protocol for Body area networks]

Mike Pappas, Nigel Himmelreich, Eric Anderson

Security Of Wireless Sensor Networks

PREPARED BY: RIDDHI PATEL (09CE085)

NEW PRODUCT INTRODUCTION CONEKT™ Mobile Smartphone Access Control Identification Solution June 2018.

Near field communication (NFC)

Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS

2N Access Unit 2.0 Multi-technology access control readers.

Security of Wireless Sensor Networks

Tareq Khan, Ph.D. Assistant Professor,

Configure a Wireless Router

SystemC Test Case Generation with the Gazebo Simulator

Configure a Wireless Router

Security in SDR & cognitive radio

An Overview of Security Issues in Sensor Network

ETSI Contribution to 3rd Meeting of EC Expert Group on RRS

Cryptography and Network Security

Security in Wireless Metropolitan Area Networks (802.16)

Security in Wireless Metropolitan Area Networks (802.16)

Presentation transcript:

SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration Thomas Ulz, Thomas Pieber, Christian Steger1 Christian Lesjak, Holger Bock, Rainer Matischek2 1Graz University of Technology, 2Infineon Austria AG

Outline Motivation, State-of-the-art SecureConfig Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Motivation – Industry 4.0 SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Motivation – Smart Homes SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Motivation – Smart Sensor Configuration Initial manufacturer keys Initial configuration Device owner key update Specific configuration updates Recurrent configuration updates Reconfiguration for changing tasks Reconfiguration for resale Deletion of confidential data SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

State-of-the-art Various configuration interfaces Wired Wireless (WiFi, Bluetooth, …) Buttons, Displays, DIP Switches Using Near Field Communication (NFC) Wu et al. 2016 Firmware Updates, not secured Haase et al. 2016 Arbitrary Data, some security SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Outline Motivation, State-of-the-art SecureConfig Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Configuration Interface Requirements Do not expose configuration interface to network Use NFC Suggested by Wu et al. 2016, Haase et al. 2016 Suitable for smart home and smart factory Not considered in State-of-the-art NFC Reader for Smart Home users infeasible Secured confidential configurations State-of-the-art not or insufficiently secured SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Configuration Interface Requirements Configure devices with no power source attached Prevent tampering with applied configurations Our contribution: Approach that meets these requirements Comprising of protocol and hardware extension SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Hybrid Approach SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

QR-Code Protocol Two variants, both encrypt payload using Authenticated Encryption (AE) Inline, no connection to backend required Up to 2900 bytes of data directly in QR-Code URL, requires connection to backend QR-Code contains URL to download configuration SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

NFC Protocol Based on the NFC Data Exchange Format (NDEF) Accept Configuration if AE verified and: Version > current version Realtime < Validity Sensor ID matches SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Outline Motivation, State-of-the-art SecureConfig Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Smart Sensor Enhancement Requirements Suitable for new and legacy devices Tamper resistant NFC Interface Networking Interface SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Smart Sensor Enhancement Requirements Suitable for new and legacy devices Tamper resistant NFC Interface Networking Interface SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Outline Motivation, State-of-the-art SecureConfig Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Evaluation Feasibility: Prototype Performance: overhead, transfer speed Security improvements: threat analysis SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Evaluation – Prototype Built using COTS Sensor Controller Infineon XMC4500 Security Controller (SC) Infineon SLE78 Android phone as mobile device SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Evaluation – Performance Small configuration update of 64 bytes 200ms, similar to TLS handshake Overhead 16 Bytes fixed + variable overhead Padding Length of MAC SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Evaluation – Threat Analysis Not exhaustive, most relevant threats identified 2 Assets, 11 threats Countermeasures for 9 threats Residual risks for 2 threats SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Evaluation – Threat Analysis Problems such as weak cryptography, bugs in configuration interface or backdoors Mitigated by using CC EAL5+ certified SC Problems with malicious users and adversaries Mitigated by proposed configuration protocol Residual risks for DoS attacks by malicious users SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Outline Motivation, State-of-the-art SecureConfig Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Conclusion and Future Work QR-Code and NFC Hybrid Configuration Approach Suitable for smart home and smart factory use cases Secured by protocol and tamper resistant hardware Relevant threats mitigated; Acceptable overhead Future work: SPAKE, attestation mechanism SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Thank you for your attention! Questions? Thank you for your attention! Acknowledgement: SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th