In my previous posts, I explained that IoT security is a multi-layered concept that involves encryption (ensuring that no one can intercept and read your messages), secure storage (ensuring that no one can impersonate or spoof your IoT device by stealing its key) and authentication (verifying with whom you are communicating).
Our next step is to explore how we implement these elements into an IoT solution that’s simple and economical. The answer: Use digital certificates and asymmetric cryptography in a secure element.
Asymmetric cryptography, also known as public key cryptography, uses public and private keys to encrypt and decrypt data. The public/private keys are large numbers that are different, but mathematically related which is why they are often referred to as key pairs. One key in the pair can be shared with everyone; it is called the public key. The other key in the pair is kept secret; it is called the private key. When data is encrypted with the private key, it can be decrypted or verified, with its corresponding public key. Since no one except the trusted source has the private key, no one else could have encrypted the data.This is often referred to as a digital signature and allows you to verify the origin of that data, i.e. authentication.
Many protocols like SSH, OpenPGP, S/MIME, and SSL/TLS rely on asymmetric cryptography for authentication through use of digital signatures. Asymmetric cryptography is also used in software programs to establish a secure connection over an insecure network like the internet or to validate a digital signature. Encryption strength is directly tied to key size and doubling the key length delivers an exponential increase in strength, although it does require more computing power to process. It is generally not practical to do cryptographic processing in software/firmware in a general purpose microcontroller, especially for small IoT devices.
However, there are a growing number of application-specific chips on the market that serve as secure key storage and crypto-accelerators for small microcontrollers and are called Secure Elements (more on those below). With these chips, you not only get high security for device keys, but the cryptographic functions (cipher suites) are hard-coded into the chip and can be accessed through an API. These chips can do a crypto operation in milliseconds and make implementation much simpler.
The foundation of asymmetric cryptography is public key infrastructure (PKI). A typical PKI is hardware, software and “standards to manage the creation, administration, distribution and revocation of keys and digital certificates.” A PKI is essentially the implementation of a set of policies and practices that ensures that any keys used for signing are properly protected and backed up. This makes sure that only authorized personnel are permitted access to the root and and signing keys and that all actions performed by them are fully recorded and documented on video and on paper. From that foundation, you know that any signatures on certificates and code are authentic because access to those keys are very strictly controlled.
With public key infrastructure (PKI) in mind, we can now use digital certificates embedded in connected devices to securely authenticate one device to another. Using certificates signed from a managed PKI, we can ensure that only trusted devices are allowed access to an ecosystem and enable trusted communications between devices to take place.
Digital certificates, which can be thought of as a digital identification card, are the workhorses of PKI as they allow for secure authentication and information exchange between networks, IoT devices and hubs. Each device exchanges certificates and confirms with the certificate authority on the status of the other devices. Secure data exchange or a verified software update can only begin after both devices have been identified and authenticated.
The certificate authority acts on behalf of the ecosystem and issues and signs certificates that provide verification of origin, a.k.a. authentication. By securely programming private keys and digital certificates into devices, you can achieve the goal of implanting unique identifiers in devices that can be verified as well as protected against theft and spoofing.
Though not required, an additional level of security can be achieved by using a secure element. A secure element is a special semiconductor chip that’s optimized for the specific purpose of performing cryptographic operations and providing high-security storage for private keys. They are not like standard EEPROM or Flash memory and are specifically designed to protect private keys from unauthorized access and are even protected against physical attacks.. You cannot just do a memory dump or read a locked memory slot with a secure element. You cannot even cut off the top of the chip packaging and probe the chip itself (yes, people actually do this) to get the key values. Secure elements have special layers on top of the die that prevents probes from touching down on memory cells and can sometimes even destroy the memory contents if a physical attack is detected.
A properly-designed secure element will not give you access to private keys. You can only perform operations within the chip using the keys and once it’s locked, the keys are closed to the world.
In addition to the secure storage for the keys, the secure element provides hardware acceleration for cryptographic operations that would normally be impractical for small microcontrollers used in small IoT devices. This allows for digital certificate authentication to be used to secure even very small devices.
Today in our fast paced world, having reliable and secure IoT devices has become a top priority in the workplace and at home. To read more about IoT security trends and tips, be sure to read my interview with CableLabs and stay tuned for my next post.
For those whose business is connecting people, places and devices, Kyrio is the trusted and secure source for everything networkable. As a subsidiary of CableLabs, Kyrio is the most experienced and comprehensive security provider in the market. If you have any questions about IoT security, digital certificates, or launching an IoT connected product, contact us today to find out how we can help you secure your entire ecosystem and provide trusted connectivity for your products.