Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
copyright 2014 1
Security protocols in
constrained environments
Chris Swan, CTO
@cpswan
Cloud native networking
copyright 2014
TL;DR
System type Such as Will it work? The issue
Low end
embedded
Atmel 8-bit AVR
(most Arduino),
TI MSP-4...
copyright 2014
What would #FHB say?
3
copyright 2014
Agenda
• Anatomy of a security protocol
• The key exchange dance
• Linux makes things easy
• Libraries for ...
copyright 2014
Which security protocols?
The ‘S’ protocols:
Secure Sockets Layer (SSL)
Superseded by Transport Layer Secur...
copyright 2014
SSL Handshake
copyright 2014
Client Hello
copyright 2014
It’s a similar story for SSH
copyright 2014
and IPsec
copyright 2014
Linux makes this easy
If not already built in to a particular distribution then use
favourite package manag...
copyright 2014
Things get trickier with embedded
But by no means impossible…
copyright 2014
Stack trades offs may be made
copyright 2014
But those keys won’t fit into 2K
At least not with anything resembling a useful application…
… regular Ardu...
copyright 2014
Things that happened…
14
copyright 2014
Things that are happening…
15
copyright 2014
Summary
System type Such as Will it work? The issue
Low end
embedded
Atmel 8-bit AVR
(most Arduino),
TI MSP...
copyright 2014
Further reading
PolarSSL tutorial
https://polarssl.org/kb/how-to/polarssl-tutorial
AVR32753: AVR32 UC3 How ...
copyright 2014 18
Chicago, US
ContactMe@cohesiveft.com
+1 888 444 3962
Questions?
Upcoming SlideShare
Loading in …5
×

Chris Swan's presentation for Thingmonk 2014 - security protocols in constrained environments

520 views

Published on

Security protocols in constrained environments

CTO Chris Swan presented on 2 December 2014 at the Redmonk event Thingmonk, focused on IoT and security.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Chris Swan's presentation for Thingmonk 2014 - security protocols in constrained environments

  1. 1. copyright 2014 1 Security protocols in constrained environments Chris Swan, CTO @cpswan Cloud native networking
  2. 2. copyright 2014 TL;DR System type Such as Will it work? The issue Low end embedded Atmel 8-bit AVR (most Arduino), TI MSP-430 No SRAM Mid-high end embedded Anything ARM based (e.g. STM Discovery, TI Stellaris) inc. Arduino Due With some effort Library, key and cipher suite wrangling Linux OS Raspberry Pi, BeagleBone, Arduino Yún Yes -
  3. 3. copyright 2014 What would #FHB say? 3
  4. 4. copyright 2014 Agenda • Anatomy of a security protocol • The key exchange dance • Linux makes things easy • Libraries for higher end microcontrollers • SRAM on low end microcontrollers • 2014 – things happened • Summary
  5. 5. copyright 2014 Which security protocols? The ‘S’ protocols: Secure Sockets Layer (SSL) Superseded by Transport Layer Security (TLS) Secure SHell (SSH) Internet Protocol Security (IPsec)
  6. 6. copyright 2014 SSL Handshake
  7. 7. copyright 2014 Client Hello
  8. 8. copyright 2014 It’s a similar story for SSH
  9. 9. copyright 2014 and IPsec
  10. 10. copyright 2014 Linux makes this easy If not already built in to a particular distribution then use favourite package manager to get: (no relation)
  11. 11. copyright 2014 Things get trickier with embedded But by no means impossible…
  12. 12. copyright 2014 Stack trades offs may be made
  13. 13. copyright 2014 But those keys won’t fit into 2K At least not with anything resembling a useful application… … regular Arduino struggles with MQTT and 1wire
  14. 14. copyright 2014 Things that happened… 14
  15. 15. copyright 2014 Things that are happening… 15
  16. 16. copyright 2014 Summary System type Such as Will it work? The issue Low end embedded Atmel 8-bit AVR (most Arduino), TI MSP-430 No SRAM Mid-high end embedded Anything ARM based (e.g. STM Discovery, TI Stellaris) inc. Arduino Due With some effort Library, key and cipher suite wrangling Linux OS Raspberry Pi, BeagleBone, Arduino Yún Yes -
  17. 17. copyright 2014 Further reading PolarSSL tutorial https://polarssl.org/kb/how-to/polarssl-tutorial AVR32753: AVR32 UC3 How to connect to an SSL-server http://www.atmel.com/Images/doc32111.pdf STM32 Discovery: Porting Polar SSL http://hobbymc.blogspot.co.uk/2011/02/stm32-discovery-porting-polar-ssl.html Netflix tech Blog: Message Security Layer: A Modern Take on Securing Communication http://techblog.netflix.com/2014/10/message-security-layer-modern-take-on.html
  18. 18. copyright 2014 18 Chicago, US ContactMe@cohesiveft.com +1 888 444 3962 Questions?

×