IoT Security in an End-to-End Encrypted World

By Erdem posted 05-02-2016 11:07

  

In this blog, I jump right into the thick of IoT security.  For the “big picture” see my previous blog.[prequel]

 

In an end-to-end encrypted world, every client connects to an application server via a secure, application-layer session using Transport Layer Security (TLS). The server is authenticated to the device using a certificate, and the device is either not authenticated at all or authenticated via username and password. Management of this infrastructure is a formidable task requiring Public Key Infrastructure (PKI). With PKI, a certificate and associated private key are installed on the server. On the client, the public key of the Certificate Authority (CA) that created the server certificate needs to be installed in order to validate the server certificate. There is also a need for ongoing certificate management such as revocation and replacement. This is a complicated process to manage. It is even more complicated to manage it securely in a manner that is resistant to DoS attacks and exploits.

 

As usual, complicated processes create opportunities on which enterprising companies quickly capitalize. Initially, Application Delivery Controllers (ADCs) offloaded the TLS processing burden from the application servers while leaving the management complexity to the application provider. Then the process moved to massive, distributed cloud-based infrastructures providing certificate management and cryptographic offload. As a result, the application service provider is shielded from the complexity of managing secure and authenticated connections to its customers, while being protected from business-disabling attacks.

 

The above paradigm works well when the user of the service is a human. In the world of IoT, there is no human behind the device, which brings forward several new issues. Firstly, IoT data is often more important than human-generated data. Just consider the criticality of the source and authenticity of water and stress level readings from a river dam. Certificate-based mutual authentication requires the same complicated PKI management as described above, but now for the clients’ certificates as well. Secondly, in practical terms, human interaction limits the magnitude of the number of clients. Once the humans are removed, so is this limit. Lastly, there is the issue of power. Certificates can run thousands of bytes long, a certificate chain contains several of them, and they require complex cryptographic processing. IoT devices on a limited power budget, such as battery-operated sensors, can hardly afford such a processing load.

 

New problems present new opportunities.

 

A new solution comes from an old one, the cellular infrastructure. A cellphone does not require user input to connect to an operator’s network. It has a preconfigured key (Pre-Shared Key or PSK) in its Subscriber Identity Module (SIM card) with which the phone authenticates to the operator and vice versa, and from which it generates keys to encrypt its traffic. The limitation of this scheme is the need to pre-provision the PSK in the SIM card. An improved card, the Embedded-SIM (eSIM[GSMA eSIM]), solves this problem. The eSIM is provisioned with a generic, operator-independent identity, and acquires its service-specific identity and keys only when it first connects to the network.

 

There are several IoT projects being discussed in the 3GPP standards community to improve the efficiency of cellular networks for IoT. Among them is a scheme to use the cellular network PSK for optimized authentication and confidentiality of cellular IoT (CIoT) communication (Study on Battery Efficient Security for very low Throughput machine type communication devices, SA3 BEST-CIoT[TR33.863]). In this scheme, integrity protection and encryption session keys between an IoT device and a gateway in the operator’s core network are derived during the authentication process between the device and the cellular network.
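The PSK exchange described above, as an added Python example that is not from the original post or from 3GPP: both sides prove knowledge of the pre-shared key, and the encryption and integrity keys fall out of the same authentication run. HMAC-SHA256, the message layout, the counter-based replay check and all names (`Network`, `Device`, `run_exchange`) are assumptions made for illustration, not the algorithms specified for cellular authentication.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, label: bytes, data: bytes = b"") -> bytes:
    """HMAC-SHA256 as a labelled PRF (assumed stand-in, not the 3GPP functions)."""
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()

def session_keys(psk: bytes, rand: bytes) -> dict:
    """Derive separate encryption and integrity keys for one session."""
    master = prf(psk, b"session", rand)
    return {"enc": prf(master, b"enc")[:16], "int": prf(master, b"int")[:16]}

class Network:
    def __init__(self, psk: bytes):
        self.psk, self.counter = psk, 0

    def challenge(self):
        """Fresh nonce, counter, and a tag proving the network holds the PSK."""
        self.counter += 1
        rand, ctr = secrets.token_bytes(16), self.counter.to_bytes(6, "big")
        return rand, ctr, prf(self.psk, b"net-auth", rand + ctr)[:16]

    def verify(self, rand: bytes, res: bytes):
        """Check the device's response; return session keys or None."""
        ok = hmac.compare_digest(prf(self.psk, b"dev-auth", rand)[:16], res)
        return session_keys(self.psk, rand) if ok else None

class Device:
    def __init__(self, psk: bytes):
        self.psk, self.last_ctr = psk, 0

    def respond(self, rand: bytes, ctr: bytes, tag: bytes):
        """Authenticate the network first; answer only a fresh, valid challenge."""
        good = hmac.compare_digest(prf(self.psk, b"net-auth", rand + ctr)[:16], tag)
        if not good or int.from_bytes(ctr, "big") <= self.last_ctr:
            return None  # forged or replayed challenge: stay silent
        self.last_ctr = int.from_bytes(ctr, "big")
        return prf(self.psk, b"dev-auth", rand)[:16], session_keys(self.psk, rand)

def run_exchange(device_psk: bytes, network_psk: bytes):
    """One full attach; returns (device_keys, network_keys, bytes_exchanged)."""
    net, dev = Network(network_psk), Device(device_psk)
    rand, ctr, tag = net.challenge()
    answer = dev.respond(rand, ctr, tag)
    if answer is None:
        return None, None, len(rand + ctr + tag)
    res, dev_keys = answer
    return dev_keys, net.verify(rand, res), len(rand + ctr + tag + res)
```

With matching keys the whole exchange is 54 bytes in this layout, against the thousands of bytes a certificate chain can occupy.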

 

How does this all relate to end-to-end encrypted IoT? 

 

PSK with eSIM solves the problem of provisioning and scaling mutual authentication between the network and billions of IoT devices. Using keys derived from the PSK, the operator-managed security gateway provides device-to-operator authentication, privacy, and integrity protection for IoT devices. Integration of the IoT gateway with the operator’s device identity, policy, and accounting infrastructure allows the operator to offer IoT device lifecycle management services. As a result, operators may become the massive infrastructure managing the identity and security of the IoT network, shielding enterprises and IoT application developers from the management complexity and perils of the IoT world.

 

We often speak of the Internet of Things as if it were one thing. It is, of course, not. It is arguably one of the most diverse spaces that technology has yet created. There are many standards and technologies addressing the challenges of this new space. The 3GPP cellular IoT scheme described above is one of many, and others are being developed by TCG[TCG] and IEEE802.1AR[802.1ar]. Cellular IoT security is just one in the chain of technologies that will bring massive, cheap, simple, and manageable IoT to reality.