Awareness of the Internet of Things (IoT) has pretty much reached saturation point within the electronics industry and is now steadily permeating the consciousness of the population at large, especially among more tech-savvy consumers. Consequently, the focus of attention is shifting from what the IoT is and what it can do, to what are the issues in making it work seamlessly across multiple platforms and, more importantly for many people, making it secure to use.
By Rudy Ramos, Mouser Electronics
The ability to secure internet communications has long been established within the IT industry and we are all familiar with internet browsers that use encryption techniques, such as SSL (secure socket layer), to protect the transmission of confidential user information. Similarly, anyone who has ever needed to configure a wireless internet router has probably encountered AES (advanced encryption security), which strengthens the protection provided by previous wireless communication protocols.
“Good,” I can hear you say, “the internet is secure, so the IoT must be also.” But not so, or at least, not necessarily.
First, we need to understand that the IoT extends beyond the realm of traditional Internet-connected computing devices. In particular, many of the “things” we may want to connect to the IoT will be low-power, battery-operated devices using low bit-rate wireless technology to communicate to a local hub. Such devices cannot afford the power-hungry overhead that Wi-Fi represents and will need to use alternative wireless technologies, which also need to be capable of being secured.
Second, even established Internet communications might be vulnerable at the point of access or at intermediate points where the data is transferred from one network to another. The challenge here is securing against unauthorized access while also ensuring that authorized users can readily access the information they require. Here, ideally, the use of techniques that can detect whether information has been tampered with should be deployed to guarantee communication integrity and further enhance security.Equally, knowing that information is genuine and comes from the source it purports to be from is vital, so techniquesto authenticate the sender provide another defense in the IoT armory.
Figure 1: The Internet of Things requires advanced security to protect our privacy.
We’ve mentioned encryption, integrity and authentication as potential tools to secure the IoT. However, before we explore how these can be implemented in our system designs it is probably helpful to have a better understanding of the basics of what these things are and how they work:
Encryption is simply the implementation of cryptographic algorithms, and while today these may be highly complex and involve lots of mathematics, the underlying principles are relatively easy to comprehend.
Early cryptographic processes used substitution codes based either on a formula or a look-up table. The formulaic approach might substitute any letter in an alphabetic sequence with,for example, the letter three places along, i.e. “A” becomes “D,” “M” becomes “P” and at the end of the alphabet it cycles back to the beginning and “Y” becomes “B.” Unfortunately, such simple encryption is relatively easy to crack, either by trial-and-error or through the recognition of easy-to-spot patterns related to the higher incidence of vowels or common words like “and” and “the”.
The look-up approach might use a code that references words in a standard book, using numbers to identify the page, line, and position of a word on that line. This clearly requires both the sender and recipient to have the same book, which therefore becomes the “key” to the coded message, making it tough for anyone else to decipher without this key. This use of a secret key along with much more sophisticated cryptographic functions forms the basis for modern encryption techniques. The goal is to create codes that are either too complicated or too time-consuming to be broken by even the most powerful computers using “brute force” methods.
Using the same key to encrypt and decrypt information requires that key to be shared by both sender and recipient, which potentially poses a security risk should anyone else discover that key. Instead, the use of difficult-to-solve mathematical problems provides a method that uses a combination of public and private keys to encrypt and decrypt information. For example, if you only know the product of two very large prime numbers it can take a computer a considerable time to determine the two prime factors. However, if one of the prime factors is known then, a message can quickly be decrypted. Hence person A can make this product known as his/her “public” key, which allows someone else, person B, to send them an encrypted message that can only be decrypted by person A with the prime factor they have as their “private” key. Person A can then use person B’s public key (which is different to person A’s public key) to encode their reply, which person B can decrypt with their private key (a factor of their public key).
Public-key cryptography using paired keys is asymmetric and computationally intensive and so is typically only used to encrypt small blocks of data to create an initial secure data channel. This channel may then be used to exchange other secret keys that can subsequently be used with symmetric encryption algorithms, which are still very robust but require less computing power.
Authentication and Integrity
Techniques to authenticate the sender of an encrypted message and ensure the integrity of a message, share elements in common with one another and with aspects of the preceding discussion on encryption.
Taking authentication first, it is clearly important to verify that the sender is who they say they are. Fortunately, the use of public-key encryption provides an easy solution. Any received message can be challenged by sending a message back to the originator that contains a random number encrypted with their public key and asking them to return that same number back to you encrypted with your public key. If this is correct, then both parties have authenticated one another, and you can be confident that further information received is from the indicated sender.
Ensuring message integrity is important on two counts – to avoid the possibility of malicious tampering, perhaps intended to subvert the correct operation of some machinery or other equipment, or to avoid the potential for corrupt information from wreaking equal havoc with an IoT system. An encrypted text message that has been intercepted and modified would most likely become unreadable, making such tampering obvious. However, if the encrypted information was a code update being transmitted to an embedded microcontroller in an IoT system, then the corruption might not be noticed until it manifests itself in undesirable behavior or complete system failure.
What is needed is a way of guaranteeing data integrity so that any interference can be detected immediately. One approach is to generate a tag, which relates to all the bits in a message and a shared secret key and adds this tag (called a Message Authentication Code, or MAC) to the body of a message before it being encrypted and transmitted. This is akin to the way a parity bit is added to a string of binary code to provide error detection, only much more complex. When the recipient decrypts the message, including the tag, the tag can be regenerated, and if it reveals the matching key, then the integrity of the data is assured.
Dedicated Hardware for Implementing IoT Security
Having grasped the principles of encryption, authentication, and data integrity, we are in a better position to appreciate the technology that is available to secure our IoT systems.
Many microcontrollers (MCUs), for example, incorporate dedicated hardware to perform encryption. The solution most frequently encountered is the Advanced Encryption Standard (AES), as mentioned earlier and established by the US National Institute of Standards and Technology (NIST). AES is commonly implemented with block sizes of 128, 192 or 256 bits and is a symmetric cipher, meaning both sender and receiver require the same key – if necessary, this key can always be shared using an initial public key message exchange.
The Texas Instruments MSP430FR5969 MCU Family is an example of an MCU with an integrated AES hardware accelerator. This device also includes the necessary storage memory used during the encryption and decryption computations, a process that starts automatically once a security key has been loaded into the state memory.
Figure 2:AES Hardware Accelerator in Texas Instruments MSP430FR59xx MCU (Source: Texas Instruments).
Other hardware accelerators implement message authentication, with the most common MAC algorithm being the Secure Hash Function (SHA) standard, also established by NIST. Once again, such accelerators can readily be found integrated into MCUs, quite often provided by a flexible coprocessor. The hardware acceleration coprocessor in NXP’s Kinetis K6x family, for example, can handle a variety of standards, including AES and SHA. Coprocessors like this offer efficiency advantages because they perform independently from the CPU, relieving it of the significant burden of processing the cryptographic functions.
Further options for implementing IoT security
Sometimes securing the storage location where sensitive information is held is what is needed to ensure it is safe from hardware attacks. For example, Atmel’s unique secure memory device, the AT88SC0204CA, offers symmetric mutual authentication using data encryption and MAC algorithms to protect the memory’s content. System access is via a standard MCU serial interface with tamper-detection circuits providing additional security.
Other system solutions may benefit from security functions that are separate from the MCU. Maxim implements the SHA-256 algorithm in a series of dedicated devices. Its DS24L65, for example, converts a standard I2Cinterface into a secure 1‑wire interface. This then supports other secure 1-wire peripherals such as the Maxim DS28EL22, a 2Kbit EEPROM with on-chip SHA-256-based MAC hardware. This device uses a unique 64-bit ROM ID code for host-to-slave authentication, providing a very robust solution for protecting the user memory from being modified by a non-authentic host.
Encryption and authentication algorithms each have a part to play in securing the transmission and storage of sensitive data and ensuring that the communication of such data is between the intended parties or devices and hasn’t been tampered with. Fortunately, we don’t all need to be mathematical wizards to understand exactly how it all works but a little knowledge of the techniques involved should help us chose the right solution for the task at hand as we continue to explore the exciting opportunities that the Internet of Things is opening up.
About the Author
Project Manager for the Technical Content Marketing team of Mouser Electronics
Rudy Ramos is the project manager for the Technical Content Marketing team at Mouser Electronics and holds an MBA from Keller Graduate School of Management. He has over 30 years of professional, technical and managerial experience managing complex, time critical projects and programs in various industries including semiconductor, marketing, manufacturing, and military. Previously, Rudy worked for National Semiconductor, Texas Instruments, and his entrepreneur silk screening business.