Security Challenges for the Internet of Things Tim Polk Sean Turner March 25, 2011.

Slides:

Advertisements

Similar presentations

Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –

Advertisements

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology

US View on the Technological Convergence Between the Internet of Things and Cloud Computing June 1, 2010 Brussels, Belgium Presented by: Dan Caprio.

Home Area Networks …Expect More Mohan Wanchoo Jasmine Systems, Inc.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Controlling Network Boundaries.

Doc.: IEEE /173r1 Submission Byoung-Jo Kim, AT&T March 2003 Slide 1 Coexistence of Legacy & RSN STAs in Public WLAN Byoung-Jo “J” Kim AT&T Labs-Research.

Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Ruhr University Bochum Cryptography in Heavily Constraint Environments Christof Paar EUROBITS Center for IT Security COmmunication SecuritY (COSY) Group.

FIT3105 Smart card based authentication and identity management Lecture 4.

Cryptographic Execution Time for WTLS Handshakes on Palm OS Devices Neil Daswani September 21, 2000.

Cryptography Basic (cont)

Wired Equivalent Privacy (WEP)

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S

Advanced Metering Infrastructure

Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.

-Anusha Uppaluri.  ECC- A set of algorithms for key generation, encryption and decryption (public key encryption technique)  ECC was introduced by Victor.

Digital Signatures Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013.

© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.

Information Security Lab. Dept. of Computer Engineering 182/203 PART I Symmetric Ciphers CHAPTER 7 Confidentiality Using Symmetric Encryption 7.1 Placement.

Chapter 21 Public-Key Cryptography and Message Authentication.

Dnssd requirements draft-ietf-dnssd-requirements-01 Kerry Lynn Stuart Cheshire Marc Blanchet Daniel Migault IETF 89, London, 3 March 2014.

CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.

2003/12/291 Security Aspects of 3G-WLAN Interworking 組別： 2 組員：陳俊文 , 李奇勇 , 黃弘光 , 林柏均

RADIUS Crypto-Agility Requirements November 18, 2008 David B. Nelson IETF 73 Minneapolis.

SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.

Summary of Distributed Computing Security Yifeng Zou Georgia State University

Chapter 7 – Confidentiality Using Symmetric Encryption.

ID anywhere mobile | smart cards | devices.

Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

1 SecWG New Business Discussions CCSDS CNES, Toulouse FR Howard Weiss NASA/JPL/SPARTA November 2004.

Potential vulnerabilities of IPsec-based VPN

Wireless and Mobile Security

David Adrian, Karthikeyan Bhargavan, etc. Presented by Eunyoung Cho.

Azam Supervisor : Prof. Raj Jain

Emu wg, IETF 70 Steve Hanna, EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.

Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.

1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.

KAIS T Comparative studies on authentication and key exchange methods for wireless LAN Jun Lei, Xiaoming Fu, Dieter Hogrefe, Jianrong Tan Computers.

ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.

1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.

Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.

1 Enabling Smart Cities/Campuses to Serve the Internet of People Florence Hudson Senior Vice President & Chief Innovation Officer Internet2 TNC16 June.

1 Rogue Mobile Shell Problem Verizon Wireless October 26, 2000 Christopher Carroll.

Wired Equivalent Privacy. INTRODUCTION Wired Equivalent Privacy (WEP) is a security algorithm for IEEE wireless networks. Introduced as part of.

Secret Key Cryptography

chownIoT Secure Handling of Smart Home IoT Devices Ownership Change

Internet of Things and Smart Cities

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.

Hardware Cryptographic Coprocessor

Algorithms for Big Data Delivery over the Internet of Things

Jason cooper blockchain specialist Unlock blockchain 14 January 2018

Experimenting with Electronic Commerce on the PalmPilot

Presented by: Ms Siyabulela Bashe

SPIRAL: Security Protocols for Cerberus

Presentation transcript:

Security Challenges for the Internet of Things Tim Polk Sean Turner March 25, 2011

Mandatory to Implement Security Security solutions should be mandatory to implement, but optional to use – While initial deployments will surely turn security off, experience with WEP implies that attacks exploiting such configurations will follow closely – Including security support will allow early adopters to respond appropriately

Suitable Cryptographic Algorithms “Conventional” cryptographic algorithms assume significant resources (memory, CPU) – Some current algorithms seem plausible AES-GCM provides auth & enc ECC has smaller footprint than RSA, DSA, D-H Wait and see for SHA-3 If these algorithms are too demanding, new algorithms need to be developed – Critical that we require at least 112 bits security strength, since attacker is not resource constrained

Automated Key Management & Credentialing Automated key management is always harder than the cryptographic primitives – And the weak link is usually credentialing Pre-shared keys aren’t a realistic option – The sheer number of devices in the IoT demands automated key management Need to consider Usability May need to be innovative – Consider Leap-of-Faith, or pairing protocols, to efficiently introduce new devices

Meeting Privacy Expectations Build in privacy protection from the beginning Experiences with Smart Grid show that privacy concerns can seriously impede deployment – Exposing power consumption patterns for homes and businesses violates expectations of privacy – The IoT has the potential to expose our activities with greater precision

Summary Build security in, even if performance suffers when enabled Insist on 112+ bits of security in crypto algs – Build in crypt agility in case better algs emerge Automated Key Management is essential – Usable credential management is the challenge Respect privacy concerns – Essential to acceptance of IoT technology