True Random Entropy Is an IoT Necessity
Internet of Things devices can be a security nightmare.
The Internet of Things (IoT) has security issues. The fundamental weakness is that it adds to the number of devices behind a network firewall that can be compromised. Not only do we need to safeguard our computers and smartphones, now we must worry about protecting our homes, vehicles, appliances, wearables and other IoT devices.
The IoT is one of a security professional’s worst nightmares. Sensitive and often, regulated, data is being collected and stored on low-performance, low-power devices scattered across the globe. These devices are easy to tamper with, have to work for a long time and are hard to update. You may have heard that hackers remotely hijacked a Jeep’s digital systems, leading to Chrysler recalling 1.4 million vehicles. One of the things that makes vehicles and all IoT devices vulnerable is a history of weak encryption keys and inadequate provisioning and planning for data protection and lockdown.
Cryptography is critical for securing data at rest or in transit on the IoT. But cryptography fails when a device uses weak keys, low-entropy randomness or inaccurate time sources. The National Institute of Standards and Technology (NIST) states that “Entropy in the information theoretic sense is a measure of randomness or uncertainty in a signal.” Entropy is essentially the randomness, or unpredictability, collected for use in cryptography—a lack of entropy will negatively impact both performance and security.
Computers, especially low-power and low-cost devices, generally have trouble producing good randomness. Randomness relies on gathering entropy, and IoT devices can suffer entropy starvation, usually because they’re designed for a specific task and have little opportunity to build entropy locally before starting network communications. Security in general often takes a back seat, and specialist security functions like key generation are frequently overlooked and can undermine the entire security model.
The best sources of true randomness are based on unpredictable physical phenomena such as quantum effects, but they can be impractical to include in IoT devices. Finding ways to unlock the full potential of cryptography to secure data on the IoT can offer hope for a better future.
What matters now is how we prevent another Chrysler episode. How do we instill the next generation of IoT devices with adequate security? What’s needed is an original approach to crypto-based IoT applications based on entropy. Because entropy matters.
NIST has proposed the development of Entropy as a Service (EaaS) for delivering entropy. This development will employ a standards-based approach to create a universally available method of securely providing high-quality entropy to cloud-based applications and embedded and IoT devices. The main components of the base EaaS architecture include the quantum entropy device, the EaaS server and a hardware root of trust device in the client system.
EaaS does not generate keys; it only enables client systems to generate strong cryptographic keys without any possibility for the EaaS server to gain any insight into the client keys. Whether EaaS is being supplied by the IOT manufacturers or via a service provider, good sources of entropy must be found to ensure a strong deployment.
Many users do not trust any centralized authority for a service of such fundamental importance. EaaS is designed to distribute and aggregate trust across a scalable collective of participants, yielding a collective authority. By combining known cryptographic techniques in novel ways, EaaS provides fresh timestamps and entropy to IoT devices on boot. The architecture distributes trust across thousands of servers scattered around the world; scalable enough that every country’s government and every major technology company in the world could participate directly in the decentralized root of trust, each actively and independently ensuring that all others stay honest. The architecture is open and reviewable by experts.
Bob Gourley is a co-founder and partner of Cognitio and the publisher of CTOvision.com and ThreatBrief.com. Bob’s first career was as a naval intelligence officer, which included operational tours in Europe and Asia. Bob was the first Director of Intelligence (J-2) at the Defense Department’s cyber defense organization Joint Task Force-Computer Network Defense. Following retirement from the Navy, Bob was an executive with TRW and Northrop Grumman, and then returned to government service as the CTO of the Defense Intelligence Agency.
Jane Melia, Ph.D., is vice president of strategic business development at QuintessenceLabs.