(In)Security of IoT, Pascal Lafourcade, Chaire de Confiance Numérique (PowerPoint PPT Presentation)




IoTs and Security

(In)Security of IoT

Pascal Lafourcade, Chaire de Confiance Numérique, 15th March 2016

1 / 19


Internet of Things (IoT)

2 / 19


Increasing Success of IoT

3 / 19


Reasons for the Success of IoT

Technology

◮ Wireless Communications: Wifi, 3G, 4G, Bluetooth, Sigfox ...
◮ Batteries
◮ CPU
◮ Sensors
◮ Price

Usage

◮ Monitoring services
◮ Hyperconnectivity
◮ Availability

4 / 19


Wireless communications ⇒ Wormhole Attack

5 / 19


Real attacks on IoT from 2007 ...

Confiance Numérique seminar: 7 April, 14:00, Amphi B, IUT

6 / 19


Insecurity of IoT by HP in 2015

POODLE: Padding Oracle On Downgraded Legacy Encryption

7 / 19


TOP 10: Vulnerabilities of IoT

  • 1. Insecure Web Interface (weak passwords, account protection)
  • 2. Insufficient Authentication/Authorization
  • 3. Insecure Network Services (open ports, DoS)
  • 4. Lack of Transport Encryption
  • 5. Privacy Concerns (leak of personal information)
  • 6. Insecure Cloud Interfaces
  • 7. Insecure Mobile Interfaces
  • 8. Insufficient Security Configurability
  • 9. Insecure Software/Firmware
  • 10. Poor Physical Security

https://www.owasp.org/images/8/8e/Infographic-v1.jpg

8 / 19


How to Secure IoT

Cryptography:

◮ Primitives: RSA, ElGamal, AES, DES, SHA-3 ...
◮ Protocols: Distributed Algorithms

Properties:

◮ Secrecy
◮ Authentication
◮ Privacy
◮ Non-Repudiation ...

Intruders:

◮ Passive, active
◮ CPA, CCA ...

Designing such secure protocols is difficult

9 / 19


Is it preserving your privacy?

4096 RSA encryption
About 60 possible temperatures: 35 ... 41
{35}pk, {35.1}pk, ..., {41}pk
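Added example (not from the slides) of the privacy point above: when the sensor can only report one of about 60 readings and the encryption is deterministic, an observer who knows the public key can encrypt every candidate reading and match the ciphertext, however long the key is; randomised padding removes that table. The toy RSA key, the 61 readings and the 9-bit padding below are constructed for this illustration only, and the padding is a simplified stand-in for a real scheme such as RSA-OAEP, not a replacement for it.

```python
"""Deterministic vs randomised RSA on a low-entropy plaintext (a temperature)."""
import secrets

# Constructed toy key, far too small for real use; it only has to be a permutation.
P, Q = 1009, 1013
N = P * Q                                  # 1022117
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent (Python 3.8+ modular inverse)

# The sensor reports 35.0 .. 41.0 in steps of 0.1, encoded as tenths of a degree:
# 61 possible readings, which is the "about 60" of the slide.
TEMPS_TENTHS = range(350, 411)


def encrypt_textbook(m):
    """Textbook RSA: no padding, so the same reading always gives the same ciphertext."""
    return pow(m, E, N)


def decrypt_textbook(c):
    return pow(c, D, N)


def encrypt_randomized(m, r=None):
    """Prefix the reading with 9 random bits before exponentiating.
    (r << 10) | m stays below N.  `r` is a parameter only so that tests are
    reproducible; normal callers leave it None.  A real scheme (OAEP) uses far
    more randomness and a hash-based construction; this is a stand-in."""
    if r is None:
        r = secrets.randbelow(1 << 9)
    return pow((r << 10) | m, E, N)


def decrypt_randomized(c):
    return pow(c, D, N) & 0x3FF            # drop the random prefix, keep the 10-bit reading


def build_table(encrypt):
    """Observer's dictionary ciphertext -> reading, built from the public key alone."""
    return {encrypt(m): m for m in TEMPS_TENTHS}


def recover_reading(table, ciphertext):
    """Look an observed ciphertext up in the table; None when it does not match."""
    return table.get(ciphertext)


def as_celsius(tenths):
    return tenths / 10


if __name__ == "__main__":
    reading = 372                          # constructed sample: 37.2 degrees
    det_table = build_table(encrypt_textbook)
    print("textbook RSA, observer recovers:",
          as_celsius(recover_reading(det_table, encrypt_textbook(reading))))
    # With the toy 9-bit padding the observer's table still misses with probability
    # 511/512 per observation; with real OAEP-sized randomness it never matches.
    rnd_table = build_table(encrypt_randomized)
    print("randomised RSA, observer recovers:",
          recover_reading(rnd_table, encrypt_randomized(reading)))
```

The point for a designer is that the key length on the slide (4096) is irrelevant here: a deterministic public-key encryption of a value drawn from a tiny set is a lookup table, and the fix is the padding mode, not a longer key.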

10 / 19


3-Pass Shamir

Abstract Representation
1. A → B : {m}KA
2. B → A : {{m}KA}KB = {{m}KB}KA (Commutative Encryption)
3. A → B : {m}KB

11 / 19


Logical Attack on Shamir 3-Pass Protocol (I)

Perfect encryption: one-time pad (Vernam Encryption), {m}k = m ⊕ k

XOR Properties (ACUN)

◮ (x ⊕ y) ⊕ z = x ⊕ (y ⊕ z) (Associativity)
◮ x ⊕ y = y ⊕ x (Commutativity)
◮ x ⊕ 0 = x (Unity)
◮ x ⊕ x = 0 (Nilpotency)

Vernam encryption is a commutative encryption: {{m}KA}KI = (m ⊕ KA) ⊕ KI = (m ⊕ KI) ⊕ KA = {{m}KI}KA

12 / 19


Logical Attack on Shamir 3-Pass Protocol (II)

Perfect encryption: one-time pad (Vernam Encryption), {m}k = m ⊕ k

Shamir 3-Pass Protocol
1. A → B : m ⊕ KA
2. B → A : (m ⊕ KA) ⊕ KB
3. A → B : m ⊕ KB

Passive attacker: (m ⊕ KA) ⊕ (m ⊕ KB ⊕ KA) ⊕ (m ⊕ KB) = m
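Added example (not from the slides) running the trace above: the three-pass protocol with one-time-pad encryption, B's honest recovery of m, and the passive observer who only XORs the three wire messages together. The message and keys are constructed sample values; the function names are this example's own.

```python
"""Shamir's three-pass protocol with XOR (Vernam) encryption and the passive attack."""
import secrets


def xor_bytes(a, b):
    """{x}k = x XOR k, byte by byte: one-time-pad encryption and decryption."""
    if len(a) != len(b):
        raise ValueError("one-time pad needs a key as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def xor_is_commutative_encryption(m, ka, kb):
    """The slide's claim {{m}KA}KB == {{m}KB}KA, checked on concrete values."""
    return xor_bytes(xor_bytes(m, ka), kb) == xor_bytes(xor_bytes(m, kb), ka)


def three_pass_trace(m, ka, kb):
    """Run the protocol and return the three messages an eavesdropper sees."""
    msg1 = xor_bytes(m, ka)          # 1. A -> B : {m}KA
    msg2 = xor_bytes(msg1, kb)       # 2. B -> A : {{m}KA}KB
    msg3 = xor_bytes(msg2, ka)       # 3. A -> B : {m}KB   (A strips KA: KA ⊕ KA = 0)
    return msg1, msg2, msg3


def bob_output(msg3, kb):
    """B strips its own key; the honest run does deliver m."""
    return xor_bytes(msg3, kb)


def passive_observer(msg1, msg2, msg3):
    """XOR of the three wire messages.  Each key occurs twice and cancels
    (nilpotency), m occurs three times and survives: no key is needed."""
    return xor_bytes(xor_bytes(msg1, msg2), msg3)


def demo(m=b"temp=37.2"):
    """Constructed message with fresh random keys; returns (B got m, observer got m)."""
    ka = secrets.token_bytes(len(m))
    kb = secrets.token_bytes(len(m))
    trace = three_pass_trace(m, ka, kb)
    return bob_output(trace[2], kb) == m, passive_observer(*trace) == m


if __name__ == "__main__":
    honest_ok, observer_ok = demo()
    print("B recovers m:", honest_ok)
    print("passive observer recovers m:", observer_ok)
```

The lesson for protocol design is that commutativity is necessary for the three-pass idea but not sufficient: the cipher must also resist the algebraic combination of the passes, and the ACUN properties of XOR give the observer exactly that combination.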

13 / 19


Second Example

Needham-Schroeder Key Exchange, 1976
A → B : {A, NA}Pub(B)
B → A : {NA, NB}Pub(A)
A → B : {NB}Pub(B)

◮ Uses cryptography
◮ Small programs
◮ Distributed

14 / 19


Cryptography is not sufficient!

Example: Needham-Schroeder Key Exchange
A → B : {A, NA}Pub(B)
B → A : {NA, NB}Pub(A)
A → B : {NB}Pub(B)

Broken 17 years after, by G. Lowe:
A → I : {A, NA}Pub(I)
A ← I : {NA, NB}Pub(A)
A → I : {NB}Pub(I)
I → B : {A, NA}Pub(B)
I ← B : {NA, NB}Pub(A)
I → B : {NB}Pub(B)

Computer-Aided Security
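Added example (not from the slides): a symbolic model of the two traces above, in the style of the formal tools the slide alludes to, together with the Needham-Schroeder-Lowe repair in which B puts its own name inside message 2 and A checks it against the peer it meant to talk to. Encryption is modelled as perfect (a term encrypted for a principal can be opened only by that principal), which is what shows the flaw is in the protocol logic rather than in the primitive. The function names and the tuple encoding of terms are this example's own.

```python
"""Symbolic model of Needham-Schroeder public key (NSPK), Lowe's trace, and the NSL fix."""
import secrets


def enc(owner, *payload):
    """{payload}Pub(owner) as a symbolic term; only `owner` can open it."""
    return ("enc", owner, tuple(payload))


def dec(me, term):
    """Open a term encrypted for me; anyone else is refused (perfect cryptography)."""
    tag, owner, payload = term
    if tag != "enc" or owner != me:
        raise PermissionError(f"{me} cannot open a message for {owner}")
    return payload


def nonce():
    return secrets.token_hex(4)


def responder_reply(B, msg1, fixed):
    """B's message 2.  With the Lowe fix B names itself inside the ciphertext."""
    claimed_initiator, na = dec(B, msg1)
    nb = nonce()
    payload = (na, nb, B) if fixed else (na, nb)
    return enc(claimed_initiator, *payload), nb


def initiator_check(A, peer, na, msg2, fixed):
    """A's check on message 2: NA must match and, with the fix, the name inside
    must be the peer A started the session with.  Returns NB, or None to abort."""
    fields = dec(A, msg2)
    if fields[0] != na:
        return None
    if fixed and fields[2] != peer:
        return None
    return fields[1]


def honest_run(fixed=False):
    """A talks to B directly; both variants complete and B receives NB."""
    A, B = "A", "B"
    na = nonce()
    msg2, nb = responder_reply(B, enc(B, A, na), fixed)
    got_nb = initiator_check(A, B, na, msg2, fixed)
    if got_nb is None:
        return False
    (b_got_nb,) = dec(B, enc(B, got_nb))
    return b_got_nb == nb


def lowe_attack(fixed=False):
    """Replay the slide's interleaved trace.  A deliberately opens a session with
    I; I reuses A's message to pose as A towards B.
    Returns (B accepts the run as coming from A, I learned NB)."""
    A, B, I = "A", "B", "I"
    na = nonce()
    msg1 = enc(I, A, na)                          # A -> I : {A, NA}Pub(I)
    a_name, a_nonce = dec(I, msg1)                # I may open it: it is addressed to I
    msg1_b = enc(B, a_name, a_nonce)              # I -> B : {A, NA}Pub(B)
    msg2, nb = responder_reply(B, msg1_b, fixed)  # I <- B : {NA, NB[, B]}Pub(A)
    # I cannot open msg2 but forwards it unchanged:   A <- I : {NA, NB[, B]}Pub(A)
    got_nb = initiator_check(A, I, na, msg2, fixed)
    if got_nb is None:
        return (False, False)                     # A aborts: the name inside says B, not I
    msg3 = enc(I, got_nb)                         # A -> I : {NB}Pub(I)
    (stolen_nb,) = dec(I, msg3)                   # I now knows NB
    msg3_b = enc(B, stolen_nb)                    # I -> B : {NB}Pub(B)
    (b_got_nb,) = dec(B, msg3_b)
    return (b_got_nb == nb, stolen_nb == nb)


if __name__ == "__main__":
    print("NSPK honest run:", honest_run(False), "  NSL honest run:", honest_run(True))
    print("Lowe trace on NSPK (B fooled, I knows NB):", lowe_attack(False))
    print("Lowe trace on NSL  (B fooled, I knows NB):", lowe_attack(True))
```

Nothing in the model breaks RSA: every `dec` call in the attacking run is by the legitimate owner of the key. That is why testing the primitive cannot find this flaw and why the slide's "Computer-Aided Security" (model checkers and provers over exactly this kind of symbolic model) is the tool that did.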

15 / 19


Formal Verification Approaches

(Diagram labels) Designer: give a proof. Attacker: find a flaw. Security Team.

16 / 19


Security Challenges for IoT

Data exchanged should be protected.

Security Properties
◮ Data Integrity
◮ Data Confidentiality
◮ Data Privacy
◮ Authentication
◮ Non-repudiation
◮ Availability

17 / 19


5 Things to Bring Home

  • 1. Several security challenges in IoT
  • 2. Security has to be taken into account at the design stage of IoT
  • 3. Designing secure protocols is difficult
  • 4. Tradeoff between security, battery, CPU and price
  • 5. Formal methods can help you in designing secure protocols

Protocol + Properties + Intruder ⇒ Security

18 / 19


Thanks for your attention. Questions?

19 / 19