[Cryptography] Simple IoT sensor encryption ?

Fri Apr 15 08:55:47 EDT 2016

At 01:14 PM 4/14/2016, Jerry Leichter wrote:
>> Threat model: since the sensors are cheap & widely distributed, we have to assume that anyone can get physical access to such a sensor & perform any amount of analysis on it that s/he wants.  Furthermore, the data channels between the sensor and the data repository are available for everyone to see -- e.g., wireless transmission, with the possibility of MITM attacks.
>
>I don't see a threat model here.  Yes, these are bits and pieces of attack techniques ... but what exactly are you intending to secure?  All I see here is the values sent by the sensor.  Do you need to protect them from visibility, or are you concerned with integrity?  How about availability?
>
>Without saying what properties you want the system to provide, you can't possibly analyze the threats - threats to do *what*?

You are correct; I didn't do a good job of explaining the threat model.

I'm interested primarily in confidentiality of the sensor data during transmission & storage.  As I've already said, authenticity will be difficult, if not impossible, to assure w/o some type of stored secret within the device.

Since these cheap sensors can be widely distributed, you have to assume that they are easy to physically access, and after such access, we can assume that some devices will be compromised and/or spoofed.

Let me now turn the situation around.

Assuming that I don't want to store *any* secrets within the sensors, and the communications are strictly one way, what can I actually achieve?

So far, a public-key system like RSA allows the device to encode its data in such a way that it can't be divulged during encryption or transmission -- even with physical access to the device, which will compromise only its current data.

Yes, one or more sensors can be spoofed, and DoS'd, but there may be other means to check on spoofing -- e.g., there may be *too many* sensors for an attacker to spoof, so that I may be able to use some sort of a voting algorithm to ignore outliers.  This is more-or-less the classical situation in any case, as sensors can easily fail and start sending bad information on their own, even without having been attacked.

This is a case where doubling or tripling, etc., the number of sensors may be cheaper, more reliable, and more secure than trying too hard to make "hardened secure" chips which store secrets, but which are resistant to giving up those secrets.