Reader Forum: PKI takes center stage in the ‘Internet of everything’ age

Editor’s Note: Welcome to our weekly Reader Forum section. In an attempt to broaden our interaction with our readers we have created this forum for those with something meaningful to say to the wireless industry. We want to keep this as open as possible, but we maintain some editorial control to keep it free of commercials or attacks. Please send along submissions for this section to our editors at: [email protected].
Cisco reports that 25 billion IP-enabled devices will be connected in the ever-growing “Internet of Things” by next year and that this number will double by the year 2020. IP TV cameras, sensor grids for earthquake and water detection, smart meters, wireless networks – all these Internet-connected “things” operate automatically and promise to transform our lives in important ways.
While IoT creates process improvements across all industries and facets of life, it increases the need for mobile security. The unprecedented influx of data mobile devices produce must be protected and the solution already exists in the form of public key infrastructure. For the past two decades, PKI has played a quiet role in security, waiting for the moment when its star potential would be realized. The demands of IoT are now giving PKI its close-up.
Cryptography for trust and control
Though they are difficult to achieve on the grand scale needed, the two primary considerations in IoT security are trust and control. One thing is certain: cryptography is going to play a central role in making it happen. Of course, crypto and PKI technologies are nothing new and have already been proven in large-scale systems like the global payments network and for protecting data across the World Wide Web. However, securing the IoT brings some new challenges that might force us to rethink traditional assumptions around key management and the impending security threats.
The new generation of connected wireless networks, sensors, meters and other kinds of devices will assist in making low-level decisions like which valve to turn off or when to shut off a building’s electricity. These devices must provide trustworthy information, sometimes directly to the user and sometimes to the infrastructure provider (such as the wireless networks), often employing data analytics that span millions of mobile devices taking system-wide decisions. Users, service providers or even regulators need to be sure that they are talking to the correct device, that the device is functioning effectively, is configured correctly, has not been tampered with, is not providing incorrect or altered information, that it will do what it is supposed to and that no one can interfere along the way.
It is no mean feat to establish trust on the scale IoT requires and across a broad range of devices. The devices themselves are out on the front line, in hostile environments or susceptible to physical attacks and the networks they communicate over are usually un-trusted and difficult to secure. Additionally, back-end systems and data repositories where information is aggregated, analyzed and decisions taken is also an attractive targeted. There’s certainly the threat of a homeowner cheating the electric company – that’s nothing new, but the sheer scale of IoT creates a new set of threats. Under the control of malicious insiders or “hacktivists,” thieves or terrorists, the IoT could quickly become the Internet of listeners or the army of things.
Ingredients for successful security
Among the requirements for success, three will be vital: high-integrity messaging, secure communications and mutual authentication at an Internet scale. Having secured network-connected devices for decades, digital certificates issued by a PKI are well situated to serve as the online identity for those things. PKI has performed well for years in trusted environments where hundreds of millions of device certificates have been deployed for ATMs, cellular base stations and smart phones. While the things in the IoT have much in common with such devices, they do raise some new issues around assurance, scale and technology.
First of all, in terms of assurance and validation, not all options are equal.
There’s a distinction between public PKI applications and private or closed PKI applications. Common PKI applications such as e-mail security and even SSL often require a level of public trust – the ability for anyone to validate the assurance claims made by the PKI based credentials, such as certificates. This requires the ability to equip all potential receivers to test the claims of all potential senders and even harder, to revoke the ability to make claims if trust is lost. In many ways the situation in IoT is easier because many IoT deployments don’t need public trust – they are closed systems. For instance, if a certificate in a vehicle is used only to communicate telemetry data back to the manufacturer, no other third party needs to rely on that certificate or the PKI that issued it. Furthermore, revocation checking and online validation may no longer be required since the organization in control will already know the status of its own devices in the network and won’t need to rely on checking the status of credentials of the device itself.
IoT predictions take the number of connected devices to several orders of magnitude beyond anything experienced today, so the second challenge is clearly about scale. Although PKI deployments certainly exist that have the ability to manage millions of certificates, most operate at levels significantly smaller. The magnitude of many IoT deployments will make systems with tens or even hundreds of millions of credentials commonplace. The good news is that many of these devices’ deployments will be relatively static, credentials will have relatively long life cycles and changes might be rare – but in very large systems, even a relatively small change can be an operational nightmare.
The third challenge is that of technology. The IoT will be populated by extremely low-power and low-budget devices, unlike traditional PKIs and connected devices (ATMs, servers, even smartphones); saving micro-watts of power or cents to bill will be a big deal. Traditional cryptography is not designed for these environments. Cryptography is mathematically intensive and that requires CPU power. Another related problem is credential generation. Making good keys (just special random numbers) is not easy and making them in high volumes, for example on a production line, can quickly become a bottleneck. Again, the good news is that crypto algorithms designed for low power devices and rapid key generation already exist and have been widely proven. Generally falling into the category of elliptic curve cryptography, this technology is rapidly growing in terms of availability.
Everything old is new again
A whole new world of possibilities awaits us as the IoT matures. Unfortunately, a new world of threats awaits us as well. Considering how to secure IoT requires a reconsideration of key management. Organizations will need to adjust and adapt as they encounter new security threats, just as they will be adjusting to the growing influx of new certificates needed by the ever-growing number of connected devices.
PKI has already been plugging away faithfully behind the security scenes, so it’s only logical that the use of PKI for IoT can be expanded. PKI has a long history of solving high-assurance problems using hardware security modules and prudent security practices. As we advance into this new landscape of IoT, we see that what is currently in use – digital certificates and the PKIs that manage them – seems the most effective method for securing these “things.” The “old” has come to the rescue of the “new.”