[Cryptography] Simple IoT sensor encryption ?

[Jerry Leichter]

>>> I'm interested primarily in confidentiality of the sensor data during transmission & storage.
>> That, in combination with the assumption that the adversary has physical access to the device, makes little sense.  Given physical access, I would simply place my own sensor next to yours.  A hell of a lot easier than disassembling your device, getting the key out, and then putting it back in place in a way that you won't detect.
>> 
> 
> I think he was saying that the adversary has physical access to examples
> of the device that came off the same assembly line with the same
> firmware - not that the adversary has access to the instant device.
OK, so if the manufacturer follows dumb (if common) practice and assigns the same keys to every device, and users leave the keys as specified, either voluntarily or otherwise ... then you're reliant entirely on physical protections to keep attackers away from the information necessary to spoof one end or the other of the connection.

Devices that are intended to be able to survive in such an environment exist.  Equipment that has to communicate securely from hostile territory or on a battlefield is an example.  So are ATM's.  But they're expensive and the do get broken into when it's  important enough.  This doesn't seem like a reasonable approach to building IoT devices.

On the flip side, assigning a unique id from a very large space to each of a large number of devices is a long-solved problem.  SIM cards are an obvious example.

> This is the classic case of the Nest Thermostat - the first few examples
> of which had been installed for only a couple of weeks before burglars
> figured out how to read their signals in order to find out when the
> owners were away and burglaries could proceed.
Dumb designs are everywhere....
                                                        -- Jerry