The Internet of Things (IoT) is ubiquitous. Connected devices are found today in medical devices, cars, industrial control systems and more.
Unfortunately, their security hasn’t kept pace with their functionality, and it’s time for manufacturers to address this issue head-on. Specifically, manufacturers need a scalable solution to manage issues such as authentication, data encryption and firmware integrity in connected devices. These combined efforts will enable them not only to bring safe products to market, but also to maintain their safety throughout their lifespan.
Achieving these security objectives involves implementing a public key infrastructure (PKI) strategy, ensuring strong authenticationcombining profitability, ease and scalability.
The Internet of Things and Multiplying Risks: Why Enhanced Security is Needed Now
IoT security is lagging behind the pace of connected device innovation. It is not uncommon, for example, for manufacturers to include default passwords or encryption common, thus exposing each of them to cyber hacking.
The most common security risks in the field IoT are related to weaknesses in identities and authentication techniques. They are related to:
- Weak authentication – Using weak credentials provided by default gives hackers large-scale access to devices, enabling the deployment of malware.
- Hard-coded credentials – Hard-encoding passwords or keys in software or firmware, followed by entering those text-based credentials into Source codeit simplifies the task of developers, but also that of hackers.
- Shared and Vulnerable Keys – Many cases of symmetric (rather than asymmetric) encryption, associated with storage and activation issues of encryption keys (even asymmetric), make it easy to compromise devices. The conservation problem becomes especially delicate on a large scale.
- Weak Encryption – Use of algorithms poor results in easy-to-break encryption. This problem is related to the fact that smaller IoT devices, with limited computing power, struggle to generate sufficiently random numbers (with very low entropy).
- Unsigned Firmware – While code signing proves the authenticity and integrity of code, many IoT devices do not verify this signature, making them vulnerable to malicious firmware updates.
Public Key Infrastructure (PKI) to the rescue: 6 ways to strengthen IoT device security
Despite these challenges, IoT security is within our reach. Base its security strategy on a solid infrastructure in public keys it’s an excellent choice. In-depth analysis reveals that a PKI can increase the security of IoT devices in six key ways:
- Unique identities – The use of certificates provides each device with a verifiable identity through a cryptographic method, ensuring secure network access and code execution. Note that these certificates can be updated or revoked individually.
- Open and universal standard – The PKI infrastructure is an open standard and compatible with any root of trust and protocols for certificate enrollment, management and revocation, making it possible to support different usage scenarios.
- High degree of scalability – The issuance of unique certificates, by a single trusted Certificate Authority (CA), facilitates the corresponding authentication of devices in the absence of a centralized server.
- Strong Security – A properly managed PKI program provides strong authentication, with encryption keys that are significantly more secure than passwords and tokens.
- Small footprint – Space-saving asymmetric switches are ideal for IoT devices with low computing power and memory.
- Proven solution – PKI is a tried and tested approach validated by experts who find it practical and scalable for increased security against a wide variety of attacks.
Is the PKI for IoT product security different from the PKI used in the enterprise?
It’s worth noting that while the complexity of hardware supply chains and IoT device lifecycles may at first glance seem incompatible with the PKI that companies have used internally for years, the fundamentals of the PKI approach remain the same. and the best PKI solutions know how to perfectly manage both use cases:
- Scalability and Availability – The volume and speed of certificate issuance is significantly higher in the IoT space than in enterprise deployments (several thousand certificates issued per hour). As a result, PKI components such as issued CAs and validation infrastructure must ensure high levels of performance and availability, which depend only on the quality of the hardware infrastructure on which the PKI software runs, and not on the software itself.
- Private key generation and storage – Since IoT devices are typically installed in locations that are accessible to everyone (unlike corporate web servers), manufacturers must find a way to protect the private keys stored on these devices for authentication purposes . This usually involves generating private keys within a secure component so that they are never exposed outside the device. Good PKI software can respond to certificate requests equally well, whether they come from IoT devices or corporate servers.
- Certificate policy – While certificate policy is always important, compliance with it is just as essential in the context of the Internet of Things as it is in a corporate computer network given the disparity of machines and devices involved. Fortunately, these certificate policies are systematically documented by standards and provided in the form of templates by any self-respecting PKI solution.
- Lifecycle Management – As in a factory or enterprise computer network, it is important to properly organize the lifecycle of certificates in the IoT, taking into account the lifetime of the devices once they are deployed. Manufacturers need to master how identities will be activated and updated concretely over time, and arm themselves with intervention plans in case cryptographic algorithms are compromised or a root of trust is compromised.
- PKI Infrastructure – A PKI, whether for a corporate network or an IoT product line, can be hosted on premises, in clouds or in a hybrid way, depending on the allocated budget, security policies, connections with factories and pre-existing infrastructures. Both should follow identical recommendations: HSMs hosted securely in the service of a root CA that should be physically isolated from any network, and certificate-issuing CAs, protected and isolated from any plant or machinery in distance by proxy.
- Access management – a PKI, whether for a corporate network or an IoT product line, must be managed by a very small team that must enforce very strict rules to document and track every action and security policy change. The best PKI solutions offer configurable role-based multi-user interfaces and are able to share and isolate usage between different departments and projects within the same company, making it possible to bundle license and material costs if applicable. necessary.
What are the top recommendations for IoT security?
Ultimately, manufacturers who are able to equip their IoT devices with strong and unique identities at scale will bring differentiated and more protected products to market. To achieve this goal, the following recommendations for the security of IoT devices should be observed:
- Inject trusted identities into devices – Use unique digital certificates for each device for more granular management and tracking. Above all, each of these certificates must be associated with a default root of trust, incorporated into its own PKI.
- Manage on-device key generation – Document use cases applicable to on-device key generation to define certificate policies and certificate practice statements (CP/CPS). CP/CPS development is optional, but provides high security through better policy enforcement.
- Consider Offline/Limited Devices – Give devices in the same chain of trust the means to authenticate even without an Internet connection, so they can continue to be serviced and regularly updated.
- Manage mutual authentication – Require authentication to limit access to trusted users and systems. Digital certificates allow mutual authentication between two entities that share a root of trust, guaranteeing more secure data exchanges on open networks.
- Ensure secure boot and code signing – Program devices so that code execution is only authorized with a verified signature. The addition of Secure Boot also protects devices, which can only boot or install updates after being signed by a trusted and trusted authority.
- Integrate crypto-agility and lifecycle management – Allow active device certificates to be reissued or revoked, as static systems are inherently poorly protected. Consider scenarios such as certificate expiration, ownership changes, or algorithm deprecation, all of which require cryptographic mechanisms on devices to be updated to maintain their level of security over time.