How are you creating IoT device unique identity for cloud connectivity?

Log in or register to post comments
Go To Last Post
5 posts / 0 new
Author
Message
eustace
eustace's picture
Level: Moderator
Joined: Sun. Apr 8, 2007
Posts: 12 View posts
#1
Posted by eustace: Wed. Oct 7, 2015 - 07:36 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hello All:

With the IOT craze comes the need to securely identify remote devices so that no one should be turning on your lights and other gadgets at wee hours.  Many companies are trying to remotely generate and quirt digital certificates into IoT devices but can't tell if the right devices are receiving the identities or worse, don't even know if the same key is being illegally cloned into other units by some subcon trying to channel into black markets.  So you think you are turning on your ceiling fan and all of a sudden all of Bahrain lights up, sort of cool in a crass way if you are not on the receiving end. (Of course Atmel's ATECC508A totally solves this problem).  How are you (or your customers) tackling the problem of IoT device identification for cloud connectivity today? 

--eustace

Eustace Asanghanwa
Atmel Crypto Products

Tags:

Security, General Security Discussions, provisioning, ATECC508A, #IOT #provisioning #, #Atecc508a
Last Edited: Thu. Oct 15, 2015 - 10:59 PM
Top
dak664
dak664's picture
Level: Raving Lunatic
Joined: Sun. Jun 15, 2008
Posts: 2118 View posts
Location: North Carolina USA
Posted by dak664: Thu. Oct 8, 2015 - 06:00 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Amazon sells US$5 buttons that reorder specific items through wifi:

http://www.theatlantic.com/techn...

 

They used to give them away free, now the button price is returned after the first order because hackers were retasking them as low-cost wifi appliances:

https://medium.com/@edwardbenson...

 

Don't know how they handle uniqueness, but hopefully in a secure way so some joker cant spoof an order to send you a roomfull of diapers.

Last Edited: Thu. Oct 8, 2015 - 06:01 PM
Top
eustace
eustace's picture
Level: Moderator
Joined: Sun. Apr 8, 2007
Posts: 12 View posts
Posted by eustace: Thu. Oct 8, 2015 - 11:43 PM (Reply to #2)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I long ago learned never to underestimate the ingenuity of a hacker.  Brilliant re purposing.

 

Don't know how they handle uniqueness, but hopefully in a secure way so some joker cant spoof an order to send you a roomfull of diapers.

 

The story strongly suggest they are relying on a MAC address over evidently unsecured communication channel if the traffic is easily scraped in clear text.  Check this out, if you can scrape it, you can clone it.

 

I'm guessing the initial setup simply associates the MAC address to the owner's Amazon Prime account so Amazon knows where to ship when the device contacts them.  Scrape the right traffic from your 'friend's' house and now you have yourself the arsenal for modern TP'ing all from your couch - hmmm tempting...

Eustace Asanghanwa
Atmel Crypto Products

Top
eustace
eustace's picture
Level: Moderator
Joined: Sun. Apr 8, 2007
Posts: 12 View posts
Posted by eustace: Fri. Nov 6, 2015 - 04:29 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hello Everyone,

 

Building an IOT ecosystem?  Become your own root CA, securely, and save major $$$.

 

Coming soon only from Atmel!

 

--eustace 

Eustace Asanghanwa
Atmel Crypto Products

Top