[From the last episode: we looked at trusted execution environments and how they can help with security.]
It’s amazing the lengths people will go to if there’s something that they really, really want badly. Wondering who’s saying what in that phone conversation in the office next door? Listen through a cup against the wall. Or, go across the street and bounce a laser off the window to track the minute vibrations from the conversation. Or, if they took notes, you just might try to break in under cover of night to view or take them.
This is no less true for hackers trying to compromise internet security – including IoT devices. As we’ve seen before, often the IoT gadgets aren’t of interest themselves; it’s just that, if they aren’t secure, they provide entry to the network and the other goodies that they may find there.
So let’s say that an IoT designer did, in fact, do a good job. They used encryption and authentication and attestation and authorization and all of the other things that make for a secure device. And now someone really wants to break in. There’s one thing that could help them that they can’t get: the key(s).
Now, you may recall that, often, there’s not just one key for everything. There are different keys for different things, and, often, those keys are only temporary – like for one session. Next session there will be a new key.
So that makes it hard to know what key will be useful. But there’s pretty much always a root key somewhere – the question is, where? Some chip in the system is storing it. So, is it possible to find it?
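The relationship between a root key and its temporary session keys, sketched as an added example that is not from the original article. It assumes HKDF-SHA256 (RFC 5869) as the derivation, which the article does not specify; `session_key`, the device name and the root key value are constructed for illustration.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: concentrate the input key material into a PRK."""
    return hmac.new(salt or b"\x00" * HASH().digest_size, ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: stretch the PRK into `length` bytes bound to `info`."""
    if length > 255 * HASH().digest_size:
        raise ValueError("requested output too long")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def session_key(root_key: bytes, device_id: bytes, nonce: bytes) -> bytes:
    """Hypothetical helper: one 32-byte key per (device, session nonce)."""
    if len(nonce) < 16:
        raise ValueError("nonce too short to guarantee fresh session keys")
    prk = hkdf_extract(nonce, root_key)
    return hkdf_expand(prk, b"session|" + device_id, 32)

def demo() -> dict:
    root = bytes(range(32))                  # constructed sample root key
    dev = b"thermostat-01"                   # constructed device name
    n1, n2 = os.urandom(16), os.urandom(16)  # nonces are public, sent in the clear
    device_side = session_key(root, dev, n1)  # computed inside the device
    server_side = session_key(root, dev, n1)  # computed by the cloud server
    next_session = session_key(root, dev, n2)
    return {
        "both_sides_agree": hmac.compare_digest(device_side, server_side),
        "new_key_each_session": device_side != next_session,
        "key_differs_from_root": device_side != root,
    }

if __name__ == "__main__":
    print(demo())
```

Only the nonce crosses the network; every session key traces back to the same stored root, which is why that root is the value the chip has to guard.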
How to Crack a Key
You would be astounded at the kinds of things that have worked for folks trying to hack a system. Here are some examples:
- Monitoring the power line to see how it varies while the key is in use.
- Measuring the slight electromagnetic radiation (not nuclear radiation) that comes from any electronic device to see how it looks while the key is in use.
- Some people have found design “glitches” such that, for example, if they lower the voltage to some level and then do something to some other signal, suddenly they are able to take some control. Who knows how they figure out these “cheats.”
- If all else fails and you know which chip contains the key, pull it out and carefully break into it, gently taking off layer after layer until you can see the top of the silicon chip, or even some layer inside the chip. Most stored keys aren’t visible to the naked eye, even with a microscope, but you might be able to probe in the right places to measure the stored bits. Yeah, this takes sophisticated equipment, but, if you know what you’re doing and have access, this is routine stuff. It’s what engineers do, for example, to figure out why something went wrong inside a chip. So the equipment and techniques are most often used for good – it’s just that they are also useful for something not so good.
How to Protect a Key
So what to do about this? This is an active topic among design engineers. You’ll see papers presented at technical conferences both about ways to break into a chip and ways to protect a chip. Possible things that designers can do:
- To protect against power-line monitoring, put in some circuits that play with the current so that you scramble the signal on the power line or swamp it with meaningless noise. The caution here is that the obvious ways of doing this simply waste energy – not great for a battery-powered IoT device.
- Encase the chip in metal, or metal lines. That blocks the radiated signals from leaving the chip.
- “Hide” the key(s) by spreading them out all over the chip rather than having the key bits all in a nice row. This makes it hard to find them unless you know where to look and what the order of the scattered bits is.
- Encrypt the key with another key. This works – to a point. If you encrypt one key, then you need another key to decrypt the key, so, where do you store that new key? If you want to encrypt that key, then you need yet another key, and so on. So there’s only so much you can do here; eventually you need to store a key somewhere.
- Have a self-destruct mechanism such that, if anyone breaks into or removes the chip, then the key gets erased. Very Mission Impossible!
Of course, the usual problem crops up: none of this is free. It’s likely that few, if any, home IoT devices would use this kind of technology. Hardware roots of trust are, however, likely to take measures like this. If IoT devices start using them, then IoT systems are likely to be much more robust against such attacks.