Presentation is loading. Please wait.

Presentation is loading. Please wait.

Thomas Ulz, Thomas Pieber, Christian Steger1

Published byBertram Chandler Modified over 6 years ago

Similar presentations

Presentation on theme: "Thomas Ulz, Thomas Pieber, Christian Steger1"— Presentation transcript:

1 SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration
Thomas Ulz, Thomas Pieber, Christian Steger1 Christian Lesjak, Holger Bock, Rainer Matischek2 1Graz University of Technology, 2Infineon Austria AG

2 Outline Motivation, State-of-the-art SecureConfig
Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

3 Motivation – Industry 4.0 SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

4 Motivation – Smart Homes
SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

5 Motivation – Smart Sensor Configuration
Initial manufacturer keys Initial configuration Device owner key update Specific configuration updates Recurrent configuration updates Reconfiguration for changing tasks Reconfiguration for resale Deletion of confidential data SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

6 State-of-the-art Various configuration interfaces
Wired Wireless (WiFi, Bluetooth, …) Buttons, Displays, DIP Switches Using Near Field Communication (NFC) Wu et al. 2016 Firmware Updates, not secured Haase et al. 2016 Arbitrary Data, some security SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

7 Outline Motivation, State-of-the-art SecureConfig
Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

8 Configuration Interface Requirements
Do not expose configuration interface to network Use NFC Suggested by Wu et al. 2016, Haase et al. 2016 Suitable for smart home and smart factory Not considered in State-of-the-art NFC Reader for Smart Home users infeasible Secured confidential configurations State-of-the-art not or insufficiently secured SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

9 Configuration Interface Requirements
Configure devices with no power source attached Prevent tampering with applied configurations Our contribution: Approach that meets these requirements Comprising of protocol and hardware extension SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

10 Hybrid Approach SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

11 QR-Code Protocol Two variants, both encrypt payload using Authenticated Encryption (AE) Inline, no connection to backend required Up to 2900 bytes of data directly in QR-Code URL, requires connection to backend QR-Code contains URL to download configuration SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

12 NFC Protocol Based on the NFC Data Exchange Format (NDEF)
Accept Configuration if AE verified and: Version > current version Realtime < Validity Sensor ID matches SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

13 Outline Motivation, State-of-the-art SecureConfig
Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

14 Smart Sensor Enhancement
Requirements Suitable for new and legacy devices Tamper resistant NFC Interface Networking Interface SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

15 Smart Sensor Enhancement
Requirements Suitable for new and legacy devices Tamper resistant NFC Interface Networking Interface SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

16 Outline Motivation, State-of-the-art SecureConfig
Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

17 Evaluation Feasibility: Prototype
Performance: overhead, transfer speed Security improvements: threat analysis SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

18 Evaluation – Prototype
Built using COTS Sensor Controller Infineon XMC4500 Security Controller (SC) Infineon SLE78 Android phone as mobile device SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

19 Evaluation – Performance
Small configuration update of 64 bytes 200ms, similar to TLS handshake Overhead 16 Bytes fixed + variable overhead Padding Length of MAC SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

20 Evaluation – Threat Analysis
Not exhaustive, most relevant threats identified 2 Assets, 11 threats Countermeasures for 9 threats Residual risks for 2 threats SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

21 Evaluation – Threat Analysis
Problems such as weak cryptography, bugs in configuration interface or backdoors Mitigated by using CC EAL5+ certified SC Problems with malicious users and adversaries Mitigated by proposed configuration protocol Residual risks for DoS attacks by malicious users SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

22 Outline Motivation, State-of-the-art SecureConfig
Requirements QR-Code Protocol NFC Protocol Smart Sensor Enhancement Evaluation Conclusion and Future Work SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

23 Conclusion and Future Work
QR-Code and NFC Hybrid Configuration Approach Suitable for smart home and smart factory use cases Secured by protocol and tamper resistant hardware Relevant threats mitigated; Acceptable overhead Future work: SPAKE, attestation mechanism SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

24 Thank you for your attention!
Questions? Thank you for your attention! Acknowledgement: SecureConfig: NFC and QR-Code based Hybrid Approach for Smart Sensor Configuration IEEE RFID 2017, May 10th

Download ppt "Thomas Ulz, Thomas Pieber, Christian Steger1"

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
A Comprehensive Study for RFID Malwares on Mobile Devices TBD.

A Comprehensive Study for RFID Malwares on Mobile Devices TBD.
NFC Devices: Security and Privacy

NFC Devices: Security and Privacy
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Configure a Wireless Router LAN Switching and Wireless – Chapter 7.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Configure a Wireless Router LAN Switching and Wireless – Chapter 7.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.

Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Building an Application Server for Home Network based on Android Platform Yi-hsien Liao Supervised by : Dr. Chao-huang Wei Department of Electrical Engineering.

Building an Application Server for Home Network based on Android Platform Yi-hsien Liao Supervised by : Dr. Chao-huang Wei Department of Electrical Engineering.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Presented by: Arpit Jain 113050028 Guided by: Prof. D.B. Phatak.

Presented by: Arpit Jain Guided by: Prof. D.B. Phatak.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009.

Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009.
Confidential & proprietary M2M communications in Transportation industry.

Confidential & proprietary M2M communications in Transportation industry.
King Fahd University of Petroleum & Minerals Electrical Engineering Department EE400 PROJECT Personal Area Networks Instructed by Dr.AlGhadbanPresenters.

King Fahd University of Petroleum & Minerals Electrical Engineering Department EE400 PROJECT Personal Area Networks Instructed by Dr.AlGhadbanPresenters.
Near Field Communication Systems Patras, July 2006.

Near Field Communication Systems Patras, July 2006.
Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date : 2012-12-08.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :
György Kálmán, Josef Noll IEEE Symposium on Wireless Pervasive Computing, Santorini, Greece Speaker: 黃韋綸 User Controlled Content Access.

György Kálmán, Josef Noll IEEE Symposium on Wireless Pervasive Computing, Santorini, Greece Speaker: 黃韋綸 User Controlled Content Access.
Computer Science 1 TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks Speaker: Sangwon Hyun Acknowledgement: Slides were.

Computer Science 1 TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks Speaker: Sangwon Hyun Acknowledgement: Slides were.
Lecture 24 Wireless Network Security

Lecture 24 Wireless Network Security
An Analysis of Bluetooth Security Team A: Padmaja Sriraman Padmapriya Gudipati Sreenivasulu Lekkala.

An Analysis of Bluetooth Security Team A: Padmaja Sriraman Padmapriya Gudipati Sreenivasulu Lekkala.

Similar presentations

Ads by Google