Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cryptographic Protocols for a Secure and Private IoT

Cryptographic Protocols for a Secure and Private IoT

Mrinal Wadhwa

April 19, 2021
Tweet

More Decks by Mrinal Wadhwa

Other Decks in Technology

Transcript

  1. cryptographic protocols for security and privacy on the internet of

    things mrinal wadhwa
  2. None
  3. None
  4. Implicit trust in network boundaries Lack of mutual authentication Lack

    of end-to-end data integrity and confidentiality Poor management of keys and credentials
  5. None
  6. Implicit trust in network boundaries Lack of mutual authentication Lack

    of end-to-end data integrity and confidentiality Poor management of keys and credentials
  7. end-to-end secure channels

  8. Heart Rate Monitor Heart Rate Application

  9. Heart Rate Monitor Heart Rate Application

  10. Heart Rate Monitor Heart Rate Service Heart Rate Application

  11. Heart Rate Monitor Heart Rate Service 80 bpm Heart Rate

    Application
  12. Heart Rate Monitor Heart Rate Service 80 bpm Heart Rate

    Application
  13. The phone may not be online all the time so

    the service also caches this data to deliver it later … Heart Rate Monitor Heart Rate Service 80 bpm Heart Rate Application
  14. Initiator Responder Shared Secret Shared Secret M1 M2 M3 The

    shared secret is then used as a key in Symmetric Key Cryptography to maintain con fi dentiality and integrity of application data. Application Data - Authenticated Encryption The entities involved use Public Key Cryptography to authenticate each other and agree on a shared secret. Authenticated Key Exchange D Secure Channel
  15. Coming back to our heart rate solution, for secure communication

    … Heart Rate Monitor Heart Rate Service Heart Rate Application
  16. Heart Rate Monitor Heart Rate Service Secure Channel We setup

    a secure channel between the monitor and the service. Heart Rate Application
  17. Heart Rate Monitor Heart Rate Service Secure Channel Secure Channel

    And another secure channel between the phone and the service. Heart Rate Application
  18. Heart Rate Monitor Heart Rate Service Transport Layer Security Transport

    Layer Security Since these devices have direct access to the internet, with TLS … Heart Rate Application
  19. Heart Rate Monitor Heart Rate Service 80 bpm Transport Layer

    Security Transport Layer Security Heart Rate Application
  20. Heart Rate Monitor Heart Rate Service 80 bpm 0x217c5111… Transport

    Layer Security Transport Layer Security Heart Rate Application
  21. Heart Rate Monitor Heart Rate Service 80 bpm 0x217c5111… 80

    bpm Transport Layer Security Transport Layer Security Heart Rate Application
  22. Heart Rate Monitor Heart Rate Service 80 bpm 0x217c5111… 80

    bpm 0x8621f842… Transport Layer Security Transport Layer Security Heart Rate Application
  23. Heart Rate Monitor Heart Rate Service 80 bpm 0x217c5111… 80

    bpm 0x8621f842… 80 bpm This type of setup is industry best practice. Transport Layer Security Transport Layer Security Heart Rate Application
  24. Heart Rate Monitor Heart Rate Service 80 bpm 0x217c5111… 80

    bpm 0x8621f842… 80 bpm But even when we manage to setup the channels correctly the data is still exposed to the service. 
 The service doesn’t need to know the contents of the message to route and cache messages (its primary job). Transport Layer Security Transport Layer Security Heart Rate Application
  25. Least Privilege. Principle of Every program and every privileged user

    of the system should operate using the least amount of privilege necessary to complete the job.” — Jerome Saltzer, Communications of the ACM, 1974
  26. Heart Rate Monitor Heart Rate Application Heart Rate

  27. Application Layer Routing in Ockam

  28. https://github.com/ockam-network/ockam/tree/develop/documentation/guides/rust

  29. Route on/off instructions. Connected Outlet Connected Outlet Application Connected Outlet

    Service
  30. Route open/close instructions. Connected Lock Connected Lock Application Connected Lock

    Service
  31. Route/Cache sensor data, alerts and videos. Camera Door Bell Camera

    Door Bell Application Camera Door Bell Service
  32. Route Sensor Alerts Fire Alarm Application Fire Alarm Service Fire

    Alarm
  33. Gateway Flood Warning Sensor Multiple transport protocols in the path

    of one message. TCP TCP Flood Monitoring System Sensors Vendor’s Service LPWAN
  34. Gateway Flood Warning Sensor Flood Monitoring System Sensors Vendor’s Service

    Various protocols have various different secure channel designs. TLS TLS LPWAN
  35. Gateway Flood Warning Sensor A secure channel that is decoupled

    from the transport layer connections. 
 The gateway and sensor vendor shouldn’t be exposed to application data. Flood Monitoring System Sensors Vendor’s Service
  36. D D D … Devices … … Gateways … Lighting

    HVAC Water Monitoring Elevators Access Control Fire Safety Waste Parking … Vendor IoT Backends … System Integrator 1 Building Management System … SI IoT Backends … System Integrator 2 G G D D D D D D D D D D D D D D D D D D D D D G G G G G G G G G G G G G G Complexity & attack surfaces grow to be unmanageable. Proprietary data is leaked. Security becomes untenable.
  37. D D D … Devices … … Gateways … Lighting

    HVAC Water Monitoring Elevators Access
  38. end-to-end secure channels

  39. Implicit trust in network boundaries Lack of mutual authentication Lack

    of end-to-end data integrity and confidentiality Poor management of keys and credentials
  40. None
  41. ephemeral identities

  42. selective disclosure

  43. anonymous credentials

  44. new protocols

  45. zero knowledge proofs

  46. federated learning

  47. differential privacy

  48. homomorphic encryption

  49. Mrinal Wadhwa CTO, Ockam mrinal github.com/ockam-network/ockam