Identity, Security and Privacy
in the IoT era
Gregory Estrade - http://lvt.tl/
IoT - State of the art
Focus of this talk
Home automation using MQTT
A quick MQTT overview
- MQTT is based on a publisher/subscriber model.
- MQTT clients use TCP/IP to connect to a Broker.
- Brokers perform message-passing between clients and can usually be chained in a hierarchical way.
- There is a MQTT-SN specification for low-end devices.
Home automation using MQTT
Architecture basics
- Sensors:
room/temperature,outside/humidity. - Commands:
room/radiator,garage/door. - All devices are using a MQTT broker connected to Internet.
Privacy requirements
- Some data may be shared publicly:
outside/humidity. - Some data may be shared to a trusted set of people or systems:
garage/door,room/temperature. - Some commands need to be protected:
room/radiator. - Some commands need to be secure:
garage/door. A 2FA would be a good thing.
Home automation using MQTT
Connecting our home to the IoT
- Naming:
my_home.domain.name/<location>/<device>. - Security: TLS required for MQTT requests from Internet.
Well, it was easy, wasn't it?
End of the story?
.NOPE.
DNS and SSL/TLS concerns
Threats on DNS
- DDoS on root servers (2002, 2007).
- Verisign (2003), ISPs and governements abuses.
- Protocol weakness: spoofing, cache poisoning...
Issues with SSL/TLS
- Implementation issues: Heartbleed, Poodle.
- Lenovo's SuperFish abuse.
- Cryptography: Debian RNG bug (2008), RSA key backdoor.
Both share the same usage flaw.
Hierarchical
Trust Model
Enter the Blockchain
The Blockchain
- Made famous by cryptocurrencies, especially Bitcoin.
- In cryptocurrencies, acts as a ledger for transactions.
- Integrity is ensured by the network. No SPOF.
Why does it work?
- The mining process rewards people for maintaining the ledger's integrity. Mining is computational power-hungry.
- In cryptocurrencies, everyone in the network is motivated by the same incentive, i.e. getting money.
- It works because everyone is a bit greedy and that the "silent majority" outperforms the "few villains".
It looks like a very negative view of human nature, but...
TRUST < GREED
History has proven that relying on the "good will" of a few ones, just doesn't work.
Decentralization matters
Yes, all that stuff looks interesting, in theory at least...
But who cares ?
January 2015 - IBM and Samsung unveil ADEPT
Autonomous Decentralized Peer-to-Peer Telemetry
Using a Blockchain with Ethereum, Telehash for communication, and BitTorrent.
However, nearly 8 months ago... Mosquitto-Twister
Proof-of-concept of a fully distributed MQTT broker for the IoT. Uses Twister platform, Bitcoin and Bittorrent protocols.https://github.com/Torlus/mosquitto-twister
How does it work?
The Twister platorm
Twister is a fully decentralized Twitter clone.
- A Blockchain stores the full list of User Handles.
- User profiles are stored in a DHT (Kademlia).
- Posts are stored within BitTorrent swarms.
- DMs are encrypted, other messages are not.
Mapping into MQTT concepts
...and addressing security and privacy as well, while we're at it...
- A Handle is used instead of a Domain Name.
- MQTT's pub/sub model fits nicely with Twi[st]ter's one.
Now what?
Blockchains and incentive issues
- Generally speaking, what would be good incentives for non-cryptocurrencies-related Blockchains?
Example: DNSChain.
- Blockchains quickly become huge.
Would a distributed Blockchain storage be possible or relevant? What about integrity? Use another Blockchain for this purpose ?
Other subjects
- Cryptography and low-end devices.
Cryptography is costly. Do we need strong cryptography, when EFT standards still use DES (2-TDES, 112-bit key length) ? Hint: DUKPT.
- Most cryptography algorithms rely on the difficulty of performing some tasks.
- http://en.wikipedia.org/wiki/One-time_pad is very simple to understand, yet:
- It is one of the few systems proven unbreakable (Shannon, 1949)
- It has been invented by Frank Miller, a banker.
Other subjects
- Secret sharing.
Secret keys are hard to protect. Storing a key into a device makes it a SPOF, so let's split the key into parts and store those parts across multiple devices... Hint: ssss.
- Adaptive security.
NFC payments are prone to errors, but limited to a maximum amount. It's a matter of risk versus consequences. Let's extend this principle to give a proper response to a given situation, using a Quorum.
Questions?
Gregory Estrade - http://lvt.tl/
Bonus: Security and Trust
Let's compare two different security strategies
Topic |
Online services |
Payment cards |
|---|---|---|
| Passwords | 8+ characters alpha, num, special | 4 digits PIN code |
| Cryptography | Asymmetric | Symmetric |
| Algorithms | RSA, AES | DES (2TDES) |
| Key sizes | 2048, 4096 | 112 (2 x 56) |
Failure Impact |
Embarrassing party pictures leakage | Bankrupcy, for you and your whole family |