Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Challenges for the Internet of Things Tim Polk Sean Turner March 25, 2011.

Published byDelilah Eaton Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Challenges for the Internet of Things Tim Polk Sean Turner March 25, 2011."— Presentation transcript:

1 Security Challenges for the Internet of Things Tim Polk Sean Turner March 25, 2011

2 Mandatory to Implement Security Security solutions should be mandatory to implement, but optional to use – While initial deployments will surely turn security off, experience with WEP implies that attacks exploiting such configurations will follow closely – Including security support will allow early adopters to respond appropriately

3 Suitable Cryptographic Algorithms “Conventional” cryptographic algorithms assume significant resources (memory, CPU) – Some current algorithms seem plausible AES-GCM provides auth & enc ECC has smaller footprint than RSA, DSA, D-H Wait and see for SHA-3 If these algorithms are too demanding, new algorithms need to be developed – Critical that we require at least 112 bits security strength, since attacker is not resource constrained

4 Automated Key Management & Credentialing Automated key management is always harder than the cryptographic primitives – And the weak link is usually credentialing Pre-shared keys aren’t a realistic option – The sheer number of devices in the IoT demands automated key management Need to consider Usability May need to be innovative – Consider Leap-of-Faith, or pairing protocols, to efficiently introduce new devices

5 Meeting Privacy Expectations Build in privacy protection from the beginning Experiences with Smart Grid show that privacy concerns can seriously impede deployment – Exposing power consumption patterns for homes and businesses violates expectations of privacy – The IoT has the potential to expose our activities with greater precision

6 Summary Build security in, even if performance suffers when enabled Insist on 112+ bits of security in crypto algs – Build in crypt agility in case better algs emerge Automated Key Management is essential – Usable credential management is the challenge Respect privacy concerns – Essential to acceptance of IoT technology

Download ppt "Security Challenges for the Internet of Things Tim Polk Sean Turner March 25, 2011."

Similar presentations

Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –

Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –
Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology

An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology
US View on the Technological Convergence Between the Internet of Things and Cloud Computing June 1, 2010 Brussels, Belgium Presented by: Dan Caprio.

US View on the Technological Convergence Between the Internet of Things and Cloud Computing June 1, 2010 Brussels, Belgium Presented by: Dan Caprio.
Home Area Networks …Expect More Mohan Wanchoo Jasmine Systems, Inc.

Home Area Networks …Expect More Mohan Wanchoo Jasmine Systems, Inc.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Controlling Network Boundaries.

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Controlling Network Boundaries.
Doc.: IEEE 802.11-03/173r1 Submission Byoung-Jo Kim, AT&T March 2003 Slide 1 Coexistence of Legacy & RSN STAs in Public WLAN Byoung-Jo “J” Kim AT&T Labs-Research.

Doc.: IEEE /173r1 Submission Byoung-Jo Kim, AT&T March 2003 Slide 1 Coexistence of Legacy & RSN STAs in Public WLAN Byoung-Jo “J” Kim AT&T Labs-Research.
Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris.

Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris.
Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.
Ruhr University Bochum Cryptography in Heavily Constraint Environments Christof Paar EUROBITS Center for IT Security COmmunication SecuritY (COSY) Group.

Ruhr University Bochum Cryptography in Heavily Constraint Environments Christof Paar EUROBITS Center for IT Security COmmunication SecuritY (COSY) Group.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Cryptographic Execution Time for WTLS Handshakes on Palm OS Devices Neil Daswani September 21, 2000.

Cryptographic Execution Time for WTLS Handshakes on Palm OS Devices Neil Daswani September 21, 2000.
Cryptography Basic (cont)

Cryptography Basic (cont)
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S

Similar presentations

Ads by Google