Getting from Nothing to Something AKA: Bootstrapping, Commissioning, - - PowerPoint PPT Presentation

getting from nothing to something
SMART_READER_LITE
LIVE PREVIEW

Getting from Nothing to Something AKA: Bootstrapping, Commissioning, - - PowerPoint PPT Presentation

Apr 03, 2023 240 likes •361 views

Getting from Nothing to Something AKA: Bootstrapping, Commissioning, Pairing, ... Cullen Jennings, PhD Cisco Smart Object Security Workshop March 2012 Friday, March 23, 12 Goal So Cisco sold me this super constrained, super smart, super

slide-1
SLIDE 1

Getting from Nothing to Something

AKA: Bootstrapping, Commissioning, Pairing, ...

Cullen Jennings, PhD Cisco Smart Object Security Workshop March 2012

Friday, March 23, 12

slide-2
SLIDE 2

Goal

  • So Cisco sold me this super constrained, super

smart, super thing! Good grief, now what ?

  • “support highly constrained devices that are cheap

to manufacture and simple enough for the average skilled person to install” - Paul Chilton

  • At installation, there is is not relation between the

light and the switch, how do we get to the point where we can apply standard COMSEC

Friday, March 23, 12

slide-3
SLIDE 3

Constraint Space

At installation:

  • UI: Button, LED, digit display, nothing
  • Power at installation time: scavenger, none
  • Replacement: disposable vs cloneable, transferable
  • Network: broadcast support, none

Friday, March 23, 12

slide-4
SLIDE 4

Solution: Push Buttons

  • Controller is put in promiscuous mode
  • Device has button pressed to enroll
  • Devices broadcasts and finds the controller
  • Range of broadcast is proximity limited
  • If attacker is in proximity during enrollment, this is

unlikely to end up secure

  • Caveat: the DH with RF trick is cool

Friday, March 23, 12

slide-5
SLIDE 5

Code Display

  • Like pushbutton but both sides display a code that

a human need to verify matches

  • In practice code are not verified (see bluetooth

“0000” in C. Bran paper)

  • Code is typically done after enrollment making it

difficult for no power installations

Friday, March 23, 12

slide-6
SLIDE 6

Device Label Solutions

  • Device has a label with some secret that a human

helps transfer from the device to the controller

  • Label can be digits, barcode, RFID, blinking light,

etc.

  • PAKE allows for short labels
  • Major problem is label interception by attacker

Friday, March 23, 12

slide-7
SLIDE 7

A specific label example Phones ...

Manufacture CA Phones Customer CA PBX Mutual TLS Manufacture Cert Web Server Barcode Scanner Customer Cert

Friday, March 23, 12

slide-8
SLIDE 8

A New Label Example

  • Each device has a label with a one-time key

encoded as a QR code

  • smart phone serves as a trusted label reader/

introducer

  • Manufacturer web server (mother ship)

coordinates device/base station introduction process

Friday, March 23, 12

slide-9
SLIDE 9

MotherShip (Web Server) Device (Light bulb) Introducer (iPhone) Controller 2 4 1 3 OTP OTP+ Controller ID Controller ID Web Server Device ID

Friday, March 23, 12

slide-10
SLIDE 10

Characteristics

  • Mothership detects and fails intercepted labels
  • Grandma can enroll a light bulb (do you believe this?)
  • Installer can enroll all lights in building before power or

network is installed

  • Low cost to manufacture
  • Randy can find the 16th device - even if it’s asleep
  • Can provide credentials for TLS-PSK systems
  • Does not require anyone to do anything they have no

incentive to do

  • Only enrollment hardware is standard smart phone

Friday, March 23, 12