iot security
doc
The DNS and the Internet of Things: Opportunities, Risks, and Challenges
Charting the Attack Surface of Trigger-Action IoT Platforms
9 Main Security Challenges for the Future of the Internet Of Things (IoT)
Hardware or Software Security: Which is right for my IoT Device?
Privacy, Discovery, and Authentication for the Internet of Things
A Privacy-Enhancing Framework for Internet of Things Services
gfce
International IoT Security Initiative
Internet of Things (IoT) Security GFCE Global Good Practices
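Good line of thinking: it lists the problem areas, BCPs (design, practice, certification, baseline, standards), and challenges (supply chain, fragmentation, lifecycle, RoT, monitoring, personnel).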
ietf
rfc8576 : iot security
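Starts from threats: vulnerabilities, privacy, clone of things, substitution, eavesdropping, MITM, firmware images, information extraction, routing attacks (packet modification, selective forwarding, traffic splitting, masquerading), privilege escalation, DDoS.
Impact: business impact, security risk, privacy risk, security incident handling.
A pile of protocols...
IP-based security framework...
PSK, Raw Public Key, Cert security modes...
Main problem areas: heterogeneous networks, resource constraints, DDoS, E2E, bootstrapping, group comm, mobile network state changes, secure update, update old and insecure cryptographic primitives, end of life (EOL), device attestation, incident response, quantum-resistance, privacy (identification, localization, profiling, interaction, life cycle transitions, inventory attack, linkage), reverse engineering, trusted operation.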
iotsf
IoT Security Foundation Publications
Secure Design Best Practice Guides
Mostly a laundry list: classification of data, physical security, device secure boot, secure OS, application security, credential management, encryption, network connections, securing software updates, logging, software update policy, secure boot, secure update, side channel attack.
IoT Security Assurance Framework
Defines several security levels, plus detailed requirements for the items listed above.
etsi
nist
NISTIR 8228 Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks
Mainly focuses on device security, data security, and privacy (personally identifiable information, PII).
NISTIR 8259 Foundational Cybersecurity Activities for IoT Device Manufacturers
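8259 mainly covers what manufacturers can do before and after an IoT device ships. Note the post-shipment security lifecycle: updates, expiry, and so on.
8259A focuses on the device cybersecurity baseline: device identification, device configuration, data protection, logical access to interfaces, software update, cybersecurity state awareness.
8259B mainly covers what people are needed and what they should do.
800-213 is mainly a statement of position.
800-213A describes and explains some of what 8259 discusses; reading the table of contents is enough.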
NIST Cybersecurity for IoT Program
Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management
arm psa
The PSA Certified 10 Security Goals Explained
Arm mainly lists 10 security goals: unique identification, security lifecycle, software authorization, secure update, anti-rollback, isolation, interaction, device binding of stored data, cryptographic and trusted services.
The baseline covers secure boot, HUK, secure storage, and so on; the extension is EAT device attestation.
JSADEN014 Platform Security Model
Detailed requirements for the 10 security goals.
Certification materials.
PSA Certified Level 1 Questionnaire Version 2.1 REL-02: includes mappings to other standards (e.g. NIST, ETSI).
PSA Certified Level 2 Attack Methods: threat modeling.
Platform Threat Model and Security Goals
The tables are well done.
arm
Trusted Firmware-M Documentation
paper
Evaluation of Out-of-Band Channels for IoT Security
Secure bootstrapping in ad-hoc IoT deployment.
Out-of-Band: NFC, QR code, audio.
Extensible Authentication Protocol (EAP).
One-time password (OTP): SMS.
group messaging
Telegram, WhatsApp, and Signal support E2E encryption with OOB verification, which requires users to compare information shown on each other's devices.
Telegram: generates an image representing the exchanged keys.
WhatsApp:
- 60-bit string = hash (user's public identity key), as 30-bit + 30-bit (two strings); users compare the 60-bit string
- or scan a QR code
Nimble Out-of-Band Authentication for EAP (EAP-NOOB)
Dynamic OOB messages, refresh cycle 3600 s.
Secret nonce (Noob): first authentication, mutual authentication.
Cryptographic fingerprint (Hoob): verifies the integrity of the key exchange; detects impersonation and MITM on the in-band channel.
OOB message URL example (60 bytes): server domain name (60 characters base64), PeerId (22 characters base64), secret nonce (Noob) 16-byte, fingerprint (Hoob) 16-byte.
attack
firmware
tlstorm: UPS, firmware not signed
misbinding
Misbinding Attacks on Secure Device Pairing and Bootstrapping: the weakness of identifiers