Cryptographic Protocols for a Secure and Private IoT

Mrinal Wadhwa

April 19, 2021

Transcript

  1. Cryptographic protocols for security and privacy on the internet of things
    Mrinal Wadhwa

  2. Implicit trust in network boundaries
    Lack of mutual authentication
    Lack of end-to-end data integrity and confidentiality
    Poor management of keys and credentials

  4. end-to-end secure channels

  5. [Diagram: Heart Rate Monitor and Heart Rate Application]

  7. [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application]

  8. [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application; the monitor sends a reading of 80 bpm]

  10. The phone may not be online all the time so the service also caches this data to deliver it later …
    [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application; the 80 bpm reading is held at the service]

  11. Secure Channel
    [Diagram: Initiator and Responder exchange messages M1, M2, M3 and each ends up holding the Shared Secret]
    Authenticated Key Exchange: the entities involved use Public Key Cryptography to authenticate each other and agree on a shared secret.
    Application Data - Authenticated Encryption: the shared secret is then used as a key in Symmetric Key Cryptography to maintain confidentiality and integrity of application data.
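The two-phase design on this slide, as an added example that is not from the deck or from Ockam: a three-message authenticated key exchange (M1, M2, M3) that leaves both parties with a shared secret, then authenticated encryption of application data, so a relay in the middle only ever handles ciphertext. It uses only the Python standard library and makes its own assumptions in place of a real implementation: finite-field Diffie-Hellman over RFC 3526 group 14 with long-lived static keys for the public-key step (Noise-style implicit authentication, no signatures), HMAC-SHA256 as keystream and tag for the encrypt-then-MAC channel, and the function names keypair, handshake, seal and open_.

```python
import hashlib, hmac, secrets

# Diffie-Hellman group: RFC 3526 group 14 (2048-bit MODP), generator 2.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DD"
        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
        "83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
        "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)

def keypair():
    # A DH key pair; used both for long-lived static keys and for per-handshake ephemeral keys.
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(2, priv, P)

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def derive(ee, es, se, ss, transcript):
    # Mix all four DH results (ephemeral/static combinations) and the transcript into one 32-byte key.
    ikm = b"".join(x.to_bytes(256, "big") for x in (ee, es, se, ss))
    return mac(hashlib.sha256(ikm).digest(), transcript)

def handshake(initiator, responder):
    # Static (priv, pub) pairs; each side already knows the other's pub (enrolled out of band). Both sides simulated here.
    (si, si_pub), (sr, sr_pub) = initiator, responder
    ei, Ei = keypair()                      # M1: initiator -> responder: ephemeral public key Ei
    er, Er = keypair()                      # M2: responder -> initiator: ephemeral public key Er plus a tag
    t = Ei.to_bytes(256, "big") + Er.to_bytes(256, "big")
    k_r = derive(pow(Ei, er, P), pow(si_pub, er, P), pow(Ei, sr, P), pow(si_pub, sr, P), t)
    k_i = derive(pow(Er, ei, P), pow(Er, si, P), pow(sr_pub, ei, P), pow(sr_pub, si, P), t)
    if not hmac.compare_digest(mac(k_r, b"M2" + t), mac(k_i, b"M2" + t)):
        raise ValueError("responder authentication failed")   # only the holder of sr can produce this tag
    if not hmac.compare_digest(mac(k_i, b"M3" + t), mac(k_r, b"M3" + t)):   # M3: initiator's tag
        raise ValueError("initiator authentication failed")
    return k_i                              # the shared secret that keys the application-data channel

def seal(key, nonce, plaintext):
    # Authenticated encryption, encrypt-then-MAC: HMAC-SHA256 in counter mode as keystream, HMAC as tag.
    blocks = range(len(plaintext) // 32 + 1)
    stream = b"".join(mac(key, b"enc" + nonce + i.to_bytes(4, "big")) for i in blocks)
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return ct + mac(key, b"mac" + nonce + ct)

def open_(key, nonce, sealed):
    ct, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, mac(key, b"mac" + nonce + ct)):
        raise ValueError("integrity check failed: altered in transit or wrong channel")
    return seal(key, nonce, ct)[:-32]       # XOR with the same keystream recovers the plaintext
```

A relay that caches the output of seal() can forward it later but cannot read the reading or alter it undetected, because it never holds the key that handshake() produced.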

  12. Coming back to our heart rate solution, for secure communication …
    [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application]

  13. We set up a secure channel between the monitor and the service.
    [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application; Secure Channel between monitor and service]

  14. And another secure channel between the phone and the service.
    [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application; Secure Channel on both hops]

  15. Since these devices have direct access to the internet, with TLS …
    [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application; Transport Layer Security on both hops]

  16. [Diagram: as above, over two TLS hops; the monitor sends a reading of 80 bpm]

  17. [Diagram: as above; on the TLS hop from the monitor the reading travels as ciphertext 0x217c5111…]

  18. [Diagram: as above; at the service the reading is 80 bpm again, in the clear]

  19. [Diagram: as above; on the TLS hop to the application the reading travels as ciphertext 0x8621f842…]

  20. This type of setup is industry best practice.
    [Diagram: as above; the application receives 80 bpm]

  21. But even when we manage to set up the channels correctly the data is still exposed to the service.
    The service doesn’t need to know the contents of the message to route and cache messages (its primary job).
    [Diagram: Heart Rate Monitor, Heart Rate Service, Heart Rate Application over two TLS hops; 80 bpm is visible in the clear at the service]

  22. Principle of Least Privilege.
    “Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.”
    — Jerome Saltzer, Communications of the ACM, 1974

  23. [Diagram: Heart Rate Monitor and Heart Rate Application]

  24. Application Layer Routing in Ockam

  25. https://github.com/ockam-network/ockam/tree/develop/documentation/guides/rust

  26. Route on/off instructions.
    [Diagram: Connected Outlet, Connected Outlet Application, Connected Outlet Service]

  27. Route open/close instructions.
    [Diagram: Connected Lock, Connected Lock Application, Connected Lock Service]

  28. Route/Cache sensor data, alerts and videos.
    [Diagram: Camera Door Bell, Camera Door Bell Application, Camera Door Bell Service]

  29. Route Sensor Alerts
    [Diagram: Fire Alarm, Fire Alarm Application, Fire Alarm Service]

  30. Multiple transport protocols in the path of one message.
    [Diagram: Flood Warning Sensor, Gateway, Sensors Vendor’s Service, Flood Monitoring System; hops labelled LPWAN, TCP, TCP]

  31. Each of these protocols has its own secure channel design.
    [Diagram: Flood Warning Sensor, Gateway, Sensors Vendor’s Service, Flood Monitoring System; hops labelled LPWAN, TLS, TLS]

  32. A secure channel that is decoupled from the transport layer connections.
    The gateway and sensor vendor shouldn’t be exposed to application data.
    [Diagram: Flood Warning Sensor, Gateway, Sensors Vendor’s Service, Flood Monitoring System]

  33. Complexity & attack surfaces grow to be unmanageable. Proprietary data is leaked. Security becomes untenable.
    [Diagram: many Devices (Lighting, HVAC, Water Monitoring, Elevators, Access Control, Fire Safety, Waste, Parking) behind many Gateways, connected to Vendor IoT Backends, System Integrator 1 and System Integrator 2 IoT Backends, and a Building Management System]

  34. [Diagram: Devices and Gateways for Lighting, HVAC, Water Monitoring, Elevators and Access Control]

  35. end-to-end secure channels

  36. Implicit trust in network boundaries
    Lack of mutual authentication
    Lack of end-to-end data integrity and confidentiality
    Poor management of keys and credentials

  37. ephemeral identities

  38. selective disclosure

  39. anonymous credentials

  40. new protocols

  41. zero knowledge proofs

  42. federated learning

  43. differential privacy

  44. homomorphic encryption

  45. Mrinal Wadhwa
    CTO, Ockam
    mrinal
    github.com/ockam-network/ockam