It's that time of the year again, Halloween. Where all the witches, ghosts and ghouls come out to play. It is also the one-time of the year where my neighbors cannot say anything about my scary decorations I personally take pride in my front lawn. It is equipped with animated zombies, flying ghosts, tombstones and glow-in-the-dark skeletons. It may be a little much but it is certainly a lot of fun. This year is extra special, ‘Stranger Things’ is coming back for a second season! This October will be filled with binge watching TV, crazy monsters, parallel universes and enjoying lots of candy.
Challenges with Protecting Your IoT Environment
Although Halloween happens once a year, evil lurks in the digital IoT world all year round. Systems must be protected 24/7/365 to ensure that the ‘Demogorgon’ does not make it’s way through the portal into the system. One concern is the protection of our cryptographic keys. Although there are many ways to accomplish this, it is not an easy decision. Take Java Key Stores (JKS) for example. JKS is a software based solution which is the default key store in most Java implementations. It is also used extensively in a number of web servers, Linux based applications and a variety of software frameworks. Although they are simple and easy to use, are they truly secure? As explained within Tobias “Floyd” Ospelt’s POC||GTFO article "15:12 Nail in the Java Key Store Coffin", there can be some challenges. JKS works by password-based encryption (PBE) which can be secure, however, the JKS implementation lends itself to ‘dictionary attacks’. Tobias further states that “By exploiting a weakness of the JKS Password Based Encryption scheme for the private key, passwords can be cracked very efficiently.”
There is no doubt that the most sensitive component of cryptography are the keys. As Kerckhoffs’ principle states, “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.” Kerckhoffs asserts the idea that the cryptography should depend solely on the secrecy of the key and with high level of entropy. So how can we ensure that our keys are protected? Fortunately, Hardware Security Modules (HSM) are a good way of accomplishing this.
Hardware Security Modules May be the Answer
Using a HSM will ensure you are able to overcome the security risks and performance challenges that are usually associated with software-only cryptography and key management. HSM can provide a high level of assurance that satisfy current and future standards for cryptographic systems. The modules typically offer protection features like strong authentication and physical tamper resistance. Main features of an HSM include:
- Secured key generation and storage
- Accelerated symmetric and asymmetric encryption
- Backup of data in encrypted form.
- Easily accessible via PKCS#11 which is one of the Public-Key Cryptography Standards. PKCS#11 is the programming interface to create and manipulate cryptographic tokens.
- The modules can be developed in native C language, in .NET, Java, or other programming languages.
Because HSMs are often part of a mission-critical infrastructure such as a public key infrastructure that typically can be clustered for high availability. Many HSM systems have means to securely back up the keys they handle either in a wrapped form via the computer's operating system or externally using a smartcard or some other security token.
HSM can be an essential component to your implementation. As there are many HSM options, I strongly recommend that you perform your due diligence to see which can fit your needs and make your ‘IoT SCARIER THINGS’ just a TV show and not real life.