Technological armor evolves to keep IoT devices safe from attack

Rubicon Labs, others work to provide secure cryptographic keys

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Tens of bil­lions of phys­i­cal objects, from toast­ers and ther­mostats to vehi­cles and build­ings will become net­work enabled over the next few years and join the Inter­net of Things.

As that hap­pens, there will be a grow­ing require­ment for tech­nol­o­gy to iden­ti­fy and authen­ti­cate devices con­nect­ed to the IoT to enable secure com­mu­ni­ca­tions between them. Just as today’s users authen­ti­cate them­selves when access­ing their bank accounts, and web browsers authen­ti­cate web­sites to make sure they are safe, IoT devices will need a way to iden­ti­fy one anoth­er in a trust­ed manner.

Com­pli­men­ta­ry webi­nar: How iden­ti­ty theft pro­tec­tion has become a must-have employ­ee benefit

Among the hand­ful of com­pa­nies try­ing to address the prob­lem ear­ly is Rubi­con Labs, a San Fran­cis­co-based start­up that offers tech­nol­o­gy for secure­ly pro­vid­ing cryp­to­graph­ic iden­ti­ties to IoT devices and then pro­tect­ing those iden­ti­ties against compromise.

The tech­nol­o­gy gives man­u­fac­tur­ers a way to attach the rough equiv­a­lent of a Hard­ware Secu­ri­ty Mod­ule on indi­vid­ual IoT sen­sors and devices. It enables IoT device iden­ti­fi­ca­tion and authen­ti­ca­tion at a sub­stan­tial­ly low­er cost and in a more scal­able man­ner than approach­es based on dig­i­tal cer­tifi­cates and Secure Sock­ets Layer/Transport Lay­er Secu­ri­ty, accord­ing to Rod Schultz, Rubicon’s vice pres­i­dent of products.

rubicon_logoA cou­ple of fac­tors make Rubicon’s method dif­fer­ent. The com­pa­ny requires very lit­tle real estate on an IoT device or sen­sor in order to attach a dig­i­tal iden­ti­ty to it. Rubi­con also uses so-called Zero Knowl­edge Key archi­tec­ture to pro­tect the cryp­to­graph­ic keys that are used to authen­ti­cate iden­ti­ty while in tran­sit, at rest and while they actu­al­ly are being used, Schultz says.

Zero knowl­edge is good knowledge

Zero Knowl­edge Key tech­nol­o­gy is designed to ensure that IoT devices can dig­i­tal­ly iden­ti­fy and authen­ti­cate them­selves with­out dis­clos­ing the secret keys that give them their unique iden­ti­ties. The approach all but elim­i­nates the poten­tial for attack­ers to steal cryp­to­graph­ic keys and spoof devices and services.

Rod Schultz, Rubicon Labs vice president of products
Rod Schultz, Rubi­con Labs vice pres­i­dent of products

One area where Rubicon’s tech­nol­o­gy is an obvi­ous fit is in the elec­tron­ic con­trol units (ECUs) of mod­ern cars, Schultz says. Con­nect­ed cars can have dozens of ECUs con­trol­ling every aspect of the vehicle’s oper­a­tion, includ­ing steer­ing, brak­ing, engine per­for­mance, enter­tain­ment, nav­i­ga­tion sys­tems and airbags. It is not uncom­mon for the ECUs to com­mu­ni­cate with one anoth­er, with exter­nal cloud ser­vices, and the vehicle’s main Con­trol Area Net­work (CAN) in a com­plete­ly unen­crypt­ed and unau­then­ti­cat­ed fash­ion, mak­ing them vul­ner­a­ble to com­pro­mise in the process.

As an exam­ple, Schultz point­ed to a sen­sa­tion­al exploit last year where secu­ri­ty researchers showed how they could take com­plete con­trol of a mov­ing Jeep Cherokee’s steer­ing, trans­mis­sion and oth­er func­tions from 10 miles away.

For their demon­stra­tion, the secu­ri­ty researchers first gained access to the vehicle’s enter­tain­ment sys­tem via a poor­ly pro­tect­ed port and then used that ini­tial foothold to gain access to the vehicle’s CAN-bus and take con­trol of vir­tu­al­ly every function.

Because the vehicle’s CAN-bus com­mu­ni­ca­tion was not authen­ti­cat­ed or encrypt­ed, the researchers were able to get it to act on mali­cious com­mands sent from an untrust­ed, unver­i­fied exter­nal source. In a prop­er­ly secured envi­ron­ment, the CAN-bus should only have been com­mu­ni­cat­ing with known and prop­er­ly authen­ti­cat­ed devices in the car.

Brac­ing for the worst

Issues like this are going to pro­lif­er­ate rapid­ly and with far worse con­se­quences as more inse­cure devices and sen­sors get con­nect­ed to the IoT in the next few years, espe­cial­ly in areas like health care and oth­er crit­i­cal infra­struc­ture sectors.

Relat­ed: ‘Side chan­nel attacks’ pose ris­ing haz­ard as IoT grows

Com­pelling IoT use cas­es also are expect­ed to emerge for small and medi­um-size busi­ness­es, as well, over the next few years, accord­ing to the SMB Group. For exam­ple IoT sen­sors for track­ing crates and pal­lets could help reduce logis­tics costs. In-store, net­work-con­nect­ed bea­cons could help small retail­ers deliv­er more tar­get­ed adver­tise­ments to cus­tomers, while those mount­ed on vehi­cles could help with fleet management.

Rubicon’s tech­nol­o­gy is designed to address the secu­ri­ty issues such use rais­es by giv­ing man­u­fac­tures a way to assign dig­i­tal iden­ti­ties to IoT sen­sors and devices in a cost-effec­tive and high­ly scal­able man­ner, Schultz said.

Embed­ding security

Rubi­con is posi­tion­ing its tech­nol­o­gy as appro­pri­ate for con­nect­ed cars, or any oth­er com­put­ing device that needs to be cer­ti­fied authen­tic and needs a cer­ti­fied com­mu­ni­ca­tions stack, said David Mon­a­han, an ana­lyst with Enter­prise Man­age­ment Associates.

By embed­ding their tech into IoT devices, their key­ing proves that the device is authen­tic and can be trust­ed,” Mon­a­han said. Rubicon’s tech­nol­o­gy can prove that both the device try­ing to com­mu­ni­cate and the tar­get device are autho­rized to send and receive com­mu­ni­ca­tions from each oth­er, he said.

While Rubicon’s tech­nol­o­gy is pri­mar­i­ly aimed at the IoT for the moment, it can help address a num­ber of broad­er busi­ness issues as well, Mon­a­han said. “They would be great for auto­mo­bile ECUs. They are also excel­lent for any embed­ded con­trol device.”

Impor­tant­ly, Rubicon’s tech­nol­o­gy also can be used as an embed­ded hard­ware secu­ri­ty mod­ule (HSM) if they decid­ed to go that route, Mon­a­han said. HSMs are basi­cal­ly ded­i­cat­ed servers for pro­vi­sion­ing, man­ag­ing and pro­tect­ing encryp­tion keys.

Rubi­con, which has attract­ed more than $12 mil­lion in ven­ture fund­ing, so far, is among a hand­ful of com­pa­nies with spe­cial­ized tools for cre­at­ing and man­ag­ing dig­i­tal iden­ti­ties for IoT device authen­ti­ca­tion. Oth­ers include Cer­ti­fied Secu­ri­ty Solu­tions (CSS), Device Author­i­ty and Infi­neon Tech­nolo­gies.

More on Inter­net of Things:
Secu­ri­ty must be part of device design as Inter­net of Things evolves
Health care data at risk: Inter­net of Things facil­i­tates health care data breaches
Rip­ples from Inter­net of Things cre­ate sea change for secu­ri­ty, liability

Posted in Data Security, Featured Story