
Practical challenges in IoT security and privacy


Pankaj Rohatgi

IoT Chipmaker/Devicemaker dilemma: Cost, Cost, Cost

High-end smart phone: $600 retail
Cost of security: $3
Security as percentage of retail: 0.5%
Average useful life: 4.6 years

Connected light bulb: $13.19
0.5% of retail spent on security = 6.5 cents
Will require 14 years of support!

Additional spending/ROI on security will require tapping deeper in the value chain
Premier services, big-data analysis, etc.
Security must add tangible value there (protection of service, provenance of data)

Challenge: Provisioning keys, trust models + lifecycle management

[Figure: value chain of Chip maker, Component Provider, OEM, COMMS/Gateway and Service Provider; labels: Root-of-trust Owner, $$$$]

Root of trust/keys/security/trust model established/provisioned at the low end of the value chain: low-cost, insecure location
Many entities need keys and rights on end system using root-of-trust
Fully hierarchical/high-friction trust models will not work
Lifecycle: Manufacturing, Secure Test and Debug Lifecycle and RMA across value chain, end-of-life

Solutions/Areas of Research

Secure provisioning/personalization
  Multi-step key provisioning at low cost
  [Figure labels: Keysplit 1, Keysplit 2, Keysplit 3; Wafer Sort, Chip A&T]

Trust models
  Dynamic addition of multiple security principals
  Enabling trust without being trusted
  Privilege Assignment/Transfer vs. Delegation

Secure IC Debug Lifecycle

[Figure: debug lifecycle flow across the value chain]

Si Tester: all debug features are available, including DFT
  Transition: Disable DFT
OEM/ODM: SW development, load image, QA
  Transition: Disable debug, enable SecBoot, provision keys
End Customer: normal use, key refresh, SW updates

RMA return path:
  Malfunctioned product? -> OEM/ODM: debug malfunction to determine cause
    Re-enable debug of the specific RMA sample, block access to HW key
  Silicon issue? -> Si Tester: all debug features are available, including DFT
    Re-enable DFT, block access to HW keys
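
The debug lifecycle above, modelled as a small state machine in C. This is an added example, not code from the slides: the state and function names, the sticky hw_keys_blocked flag (standing in for a one-way fuse) and the rule that only an OEM/ODM return can escalate to the silicon tester are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* States follow the slide's flow; all identifiers here are hypothetical. */
typedef enum { LC_SI_TEST, LC_OEM_DEV, LC_FIELD, LC_RMA_OEM, LC_RMA_SI } lc_state;

typedef struct {
    lc_state state;
    bool dft, debug, secboot, keys_provisioned;
    bool hw_keys_blocked; /* sticky, models a one-way fuse: never cleared */
} chip;

chip chip_new(void) { /* fresh silicon on the tester: everything open */
    return (chip){ LC_SI_TEST, true, true, false, false, false };
}
/* Every transition returns false and changes nothing when not allowed. */
bool to_oem_dev(chip *c) { /* Si Tester -> OEM/ODM: disable DFT */
    if (c->state != LC_SI_TEST) return false;
    c->dft = false; c->state = LC_OEM_DEV; return true;
}
bool to_field(chip *c) { /* OEM/ODM -> End Customer */
    if (c->state != LC_OEM_DEV) return false;
    c->debug = false; c->secboot = true; c->keys_provisioned = true;
    c->state = LC_FIELD; return true;
}
bool rma_to_oem(chip *c) { /* malfunctioned product returns to OEM/ODM */
    if (c->state != LC_FIELD) return false;
    c->hw_keys_blocked = true; /* block keys before debug is reopened */
    c->debug = true; c->state = LC_RMA_OEM; return true;
}
bool rma_to_si(chip *c) { /* silicon issue: OEM escalates (assumed order) */
    if (c->state != LC_RMA_OEM) return false;
    c->hw_keys_blocked = true;
    c->dft = true; c->state = LC_RMA_SI; return true;
}
bool can_use_hw_keys(const chip *c) { /* only with all debug paths closed */
    return c->keys_provisioned && !c->hw_keys_blocked && !c->debug && !c->dft;
}
/* Invariant: debug or DFT open on a keyed part implies keys are blocked. */
bool invariant_ok(const chip *c) {
    return !((c->debug || c->dft) && c->keys_provisioned && !c->hw_keys_blocked);
}
int main(void) {
    chip c = chip_new();
    to_oem_dev(&c); to_field(&c);
    printf("field: keys usable=%d\n", can_use_hw_keys(&c));
    rma_to_oem(&c);
    printf("RMA:   keys usable=%d invariant=%d\n", can_use_hw_keys(&c), invariant_ok(&c));
    return 0;
}
```

The model has no transition out of the RMA states, so a sample that has had debug re-enabled cannot return to the field with usable hardware keys.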

Challenge: Long-term security renewability

Over the long term:
Hardware-rooted secrets on device compromised via physical attacks (but unlikely at large scale)
Device software stack and software-rooted secrets regularly compromised (very likely + large scale)
Services and service secrets compromised (likely with large-scale effect)

At the lowest level (root-of-trust):
Secure software updates and anti-rollback features need to be built in
Recovery mechanism from key compromise (used by software and services) should be built in
Blacklisting compromised root-of-trust

[Figure labels: IoT Service, IoT Device]

Challenge: Long term privacy

Privacy is a common requirement

[Figure: $$$$$$$$: EPID, DAA, Differential Privacy vs. Group Key]

Lightweight, low-cost privacy?
Is privacy even possible in a usage-based services, big-data/data-mining funded IoT ecosystem?
