This chapter is directed squarely at IoT implementers, those developing IoT devices (consumer or industrial) or integrating IoT communications into their enterprises. It provides you with an A to Z for their IoT implementations and deployments. While most of this book is devoted to practical application and guidance, this section diverges a bit to delve into deeper background topics associated with applied cryptography and cryptographic implementations. Many security practitioners will find this information common sense, but given the myriad cryptographic implementation errors and deployment insecurities even security-aware tech companies continue to deploy, we decided this background was needed. The risks are growing worse, evidenced by the fact that many industries historically unfamiliar with security (for example, home appliance vendors) continue to network-connect and IoT-enable their products. In the process, they make many avoidable errors that can harm their customers.
A detailed review of the use of cryptography to protect IoT communication and messaging protocols is provided, along with guidance on how the use of certain protocols drives the need for additional cryptographic protections at different layers of the technology stack.
Our world is witnessing unprecedented growth in machine connectivity over the internet and private networks. Unfortunately, on any given day, the benefits of that connectivity are soured by yet more news reports of personal, government, and corporate cyber security breaches. Hacktivists, nation states, and organized crime syndicates play a never-ending game of cat and mouse with the security industry. We are all victims, either as a direct result of a cyber breach or through the costs we incur to improve security technology services, insurance, and mitigate other risks. The demand for more security and privacy is finally gaining traction in corporate boardrooms and high-level government circles alike. A significant part of that demand is for wider adoption of cryptography to protect user and machine data. Secure by default principles suggest the need for near ubiquitous use of cryptography, thus it will play an ever growing role in securing the IoT. It is and will continue to be used for encrypting wireless edge networks (network and point-to-point), gateway traffic, backend cloud databases, software/firmware images, and exabytes of your data at rest.
Cryptography provides an indispensable tool set for securing data, transactions, and personal privacy in our information age. Fundamentally, when properly implemented, cryptography can provide the following security features to any data whether in transit or at rest:
Security feature | Cryptographic service(s) |
Confidentiality | Encryption |
Authentication | Digital signature or Message Authentication Code (MAC) |
Integrity | Digital signature or MAC |
Non-repudiation | Digital signature |
Revisiting definitions from Chapter 1, A Brave New World, the previous controls represent four out of five pillars of Information Assurance (IA). While the remaining one, availability, is not provided by cryptography, poorly implemented cryptographic instances can certainly deny availability (for example, communication stacks with crypto-synchronization problems).
The security benefits provided by cryptographyâconfidentiality, authentication, integrity, and non-repudiationâprovide direct, one-to-one mitigations against many host, data, and communication security risks.
In the not-too-distant past, the author (Van Duren) spent considerable time supporting the FAA in addressing the security needed in pilot-to-drone communications (a prerequisite to safe and secure integration of unmanned aircraft into the national airspace system). Before we could recommend the controls needed, we first needed to understand the different communication risks that could impact unmanned aircraft. This involved detailed characterization of common information types and flows between the pilot and the aircraft.
The point is that it is vital to understand the tenets of applied cryptography because many security practitionersâwhile they may not end up designing protocol-level controlsâwill at least end up making high-level cryptographic selections in the development of security embedded devices and system-level security architectures. These selections should always be based on identified risks.
When most people think about cryptography, encryption invariably comes to mind. They understand that data is scrambled, so to speak, so that unauthorized parties cannot decrypt and interpret it. Real-world cryptography is composed of a number of other primitives, however, each partially or fully satisfying one of the previous IA objectives. Securely implementing and combining cryptographic primitives together to achieve a larger, more complex security objective should only be performed or overseen by security professionals well versed in applied cryptography and protocol design. Even the most minor error can prevent the security objective(s) from being fulfilled and result in costly vulnerabilities. There are far more ways to mess up a cryptographic implementation than to get it right.
Cryptographic primitive types fall into the following categories:
- Encryption (and decryption): Provides confidentiality:
- Hashing
- Digital signatures: Signatures provide integrity, identity, and data-origin authentication as well as non-repudiation:
- Symmetric: MAC used for integrity and data-origin authentication
- Asymmetric: Elliptic Curve (EC) and Integer Factorization Cryptography (IFC)
- Random number generation: The basis of most cryptography requires very large numbers originating from high entropy sources. These are needed to generate or establish cryptographic keying material.
Cryptography is seldom used in isolation, however. Instead, it provides the underlying security functions used in upper-layer communication and other protocols. For example, Bluetooth, ZigBee, SSL/TLS, and a variety of other protocols specify how to use standard cryptographic primitives and integrate them into message protocols, message encodings, and relevant protocol behaviors (for example, how to handle a failed message integrity check).
Encryption is the cryptographic service most people are familiar with as it is used to so-called scramble or mask information so that unintended parties cannot read or interpret it. In other words, it is used to protect the confidentiality of the information from eavesdroppers (whether observing your communications or attempting to read your stored data), and to only allow it to be deciphered by intended parties. Encryption algorithms can be symmetric or asymmetric (explained shortly). In both cases, a cryptographic key and the unprotected data are input to the encryption algorithm, which encrypts the confidential data. Once in this state, it is protected from eavesdroppers. The receiving party uses a key to decrypt the data when it is needed. The unprotected data is called plaintext and the protected data is called ciphertext. The basic encryption process is depicted in the following diagram:
Encrypt-decrypt.graffle
It should be clear from the preceding diagram that if the data is ever decrypted prior to reaching IOT Device B, it is vulnerable to the Eavesdropper. This brings into question where in a communication stack and in what protocol the encryption is performed, that is, what the capabilities of the endpoints are. When encrypting for communication purposes, system security engineers need to decide between point-to-point encryption and end-to-end encryption as evidenced in their threat modeling. This is an area ripe for error, as many encrypted protocols operate only on a point-to-point basis and must traverse a variety of gateways and other intermediate devices, the paths to which may be highly insecure. For example, an OSI Layer 2 (link) encryptor may encrypt the routable network-layer traffic above it, and the protection terminates at the end of the link, whereas a network encryptor will encrypt payloads within a network-routable packet, and get it safely to a particular network destination. When network encryption doesn't fully satisfy end-to-end cryptographic protection, application-layer machine-to-machine encryption may be used.
In today's internet threat environment, end-to-end encryption at the session and application layers is most prominent due to severe data losses that can occur when decrypting within an intermediary. The electrical industry and the insecure SCADA protocols commonly employed in it provide a case in point. The security fixes often include building secure communication gateways (where newly added encryption is performed). In others, it is to tunnel the insecure protocols through end-to-end protected ones. System security architectures should clearly account for every encryption security protocol in use and highlight where plaintext data is located (in storage or transit) and where it needs to be encrypted. In general, whenever possible, end-to-end data encryption should be promoted as a secure-by-default policy.
2323__...