The Centre for Internet of Things and Pervasive Systems is organising a seminar on "Hardware-Based Security Solutions for the Internet of Things", given by Dr Basel Halak. The event is open to anyone from across the University to attend.
The Internet of Things (IoT) is expected to generate tremendous economic benefit, but this promise is undermined by major security threats. First, the vast majority of these devices are expected to communicate wirelessly and to be connected to the Internet, which makes them especially susceptible to confidentiality threats from attackers snooping on message contents. Second, most IoT devices are expected to be deployed in remote locations with little or no protection, so they can be vulnerable to both invasive and side-channel attacks: malicious adversaries can potentially gain access to a device and apply well-known power or timing analyses to extract sensitive data stored on the IoT node, such as encryption keys, digital identifiers, and recorded measurements. Furthermore, with ubiquitous systems, it can no longer be assumed that the attacker is remote. Indeed, the attack could even come from within the system itself, from rogue embedded hardware (e.g. Trojans). A large proportion of IoT devices operate in an energy-constrained environment with very limited computing resources, which makes typical defence mechanisms such as classic cryptographic algorithms prohibitively expensive. The challenges for building secure IoT are threefold:
• How to develop hardware which is inherently resilient to physical attacks
• How to implement complex security protocols with very limited resources
• How to detect/diagnose anomalous behaviour of an IoT device
This talk addresses the above three questions, as follows:
1) The first part of this talk addresses the first question. It presents two novel approaches for enhancing the security and reliability of physically unclonable functions (PUFs), one of the enabling technologies for designing tamper-resistant hardware. The first technique proposes a physically unclonable function built from the instruction cache typically found in all embedded processors. The design is optimised to improve resilience to ageing effects. The second approach aims to enhance the security of physically unclonable functions against modelling attacks by combining them with low-cost cryptographic primitives such as permutation and substitution. The proposed techniques make it affordable, secure and reliable to use physically unclonable technology in resource-constrained systems.
2) The second part of this talk addresses the second question. It presents a new authentication protocol based on PUF technology. The power consumption and memory utilization of the proposed protocol were then estimated and compared with existing solutions, namely the DTLS (Datagram Transport Layer Security) handshake protocol and UDP (User Datagram Protocol). Our results indicate that the proposed PUF-based authentication saves up to 45% power and uses 12% less memory compared to DTLS handshake authentication.
3) The third part of this talk addresses the final question. It presents a new technique for detecting malicious/abnormal behaviour of embedded systems using data from Hardware Performance Counters (HPCs).
Finally, the talk concludes with a summary of outstanding challenges.