2. Introduction to Rubicon Labs Inc.
rubiconlabs.io
A startup in Silicon Valley (San Francisco), USA, that provides cybersecurity solutions
Provides solutions for strengthening IoT security
- More than 20 billion devices will be connected through IoT by 2020.
Gartner forecast: 6.4 B IoT devices worldwide in 2016 (20.8 B in 2020).
- The value model is shifting from products to services
- Scalability must be addressed (hard to achieve with existing public-key security)
Rubicon Labs provides a more unique security technology as a high-speed, low-cost solution
- Symmetric cryptography (AES)
- Zero-Knowledge Keys (simple, fast)
- Provides a Cloud Identity service (iDaaS) model
- Also supports low-power IoT devices
- Building an ecosystem, the Rubicon IoT ecosystem: Cloud, Gateway, System & Devices, MCU
Supported by a strong organization and people
- A team of cryptography specialists (Dr. Whitfield Diffie as technical advisor)
- People with management experience at US IT companies (Apple, Broadcom, etc.)
- Funding from leading VCs and partners
Third Point Ventures, Pelion Venture Partners, Akamai Technologies, Inc.
Takashi.murayama@rubiconlabs.io www.rubiconlabs.io
3. Who is Rubicon?
• A venture backed cybersecurity startup based in San Francisco, CA
• Institutional investment
• ThirdPoint Ventures
• Pelion Ventures
• Strategic investment from Akamai
• Focused on cryptographic key management for IoT
4. What is Rubicon’s technology?
• A cloud platform that provides identity to low powered and resource constrained IoT devices
• These devices are the building blocks for IoT, do not support HTTPS, and are unable to do traditional PKI key exchanges (RSA and ECC algorithms) based upon power, memory, and speed constraints
• Once established, Rubicon identities are leveraged to define business models for IoT, secure/encrypt data, and drive the transition of revenue from Capex to Opex revenue generation
5. Presentation Overview
• What drives the value of IoT?
• The building blocks of IoT
• Types of cryptographic keys to protect IoT
• An introduction to Rubicon IoT security
• Rubicon’s competitive advantage
• A Rubicon key exchange (session key establishment)
• How Rubicon integrates into IoT products
• Questions
6. Where is the value in IoT? How can it impact so many industries?
An incredible transition is happening
10. –Hal Varian, Chief Economist at Google
“Between the dawn of civilization and 2003, we only created 5 exabytes of data; now we create that amount every two days. By 2020, that figure is predicted to sit at 53 zettabytes (53 trillion gigabytes) every two days”
14. Estimate for United States Middle East Oil Security Co
*United States cost of military force projection in the Persian Gulf, 1976–2007 Roger J. Stern
$7.3 Trillion over previous three decades*
15. In the digital world we protect with cryptography
Cryptography comes with challenges and costs
16. Challenges
• Speed of algorithms
• Power / energy consumption of algorithms
• Memory usage of algorithms
• Key distribution
• Key protection on the device and in the cloud
22. We must build a protection platform for our target devices
23. Protection Platform
1. What type of cryptographic key
- Symmetric Keys vs. Asymmetric keys
2. Zero Knowledge Key
- Devices can use it.
- Devices cannot know its value.
3. Identity that comes from uniqueness to be provable
- Proved at scale at IoT
24. Symmetric Keys
• Keys are simple to generate
• Two parties must share a secret to communicate
• Challenges with key provisioning
• Incredibly fast algorithms
• Power efficient algorithms
25. Asymmetric Keys
• Keys are expensive to generate (mathematical cost)
• Public key is shared
• Private key is kept secret
• Used to solve the key provisioning problem
• Very slow and large algorithms
27. The web was built on top of asymmetric cryptography
Asymmetric crypto is good for server to PC authentication (one-way authentication)
28. IoT is forcing us to rethink how to do cryptography for MCUs
29. Rubicon is a symmetric key based identity and security platform for IoT
45. Two doorways into secure environment:
1. Through the keyed one way hash
2. Through the AES interface (encrypt/decrypt)
[Diagram labels: Keyed one way hashing; Symmetric encryption]
55.
• Random number is generated by the device and hashed (using the blue device's ZKK) to generate a session key
• The same random number is sent to the cloud and the exact same operation is performed to generate the same session key
• Random number is generated by the cloud and hashed (using the orange device's ZKK) to generate a key encryption key
• The cloud encrypts the gold key with the blue key (creating gold key in blue box below)
• The second random number and the encrypted gold key in the blue box are sent to the orange device
• The random number is hashed by the orange device (using its ZKK), resulting in the blue key being derived
• The blue key is used to decrypt the gold key (resulting in the gold key being derived at both devices)
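The exchange on this slide, as an added sketch that is not Rubicon's code: HMAC-SHA256 stands in for the keyed one-way hash, and an HMAC-derived pad with a MAC stands in for the AES step because the Python standard library has no AES (both are assumptions; the slides name neither construction). The function names, the "blue"/"orange" labels as dictionary keys and the sample ZKKs are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def keyed_hash(key: bytes, data: bytes) -> bytes:
    # "Keyed one-way hash" doorway. HMAC-SHA256 is an assumption.
    return hmac.new(key, data, hashlib.sha256).digest()

def wrap(kek: bytes, key: bytes) -> bytes:
    # Stand-in for the AES doorway (no AES in the standard library):
    # pad derived from the single-use KEK, plus a MAC over the result.
    body = bytes(a ^ b for a, b in zip(key, keyed_hash(kek, b"pad")))
    return body + keyed_hash(kek, b"tag" + body)

def unwrap(kek: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, keyed_hash(kek, b"tag" + body)):
        raise ValueError("unwrap failed: wrong key or modified message")
    return bytes(a ^ b for a, b in zip(body, keyed_hash(kek, b"pad")))

def cloud_relay(zkks: dict, src: str, nonce1: bytes, dst: str):
    # The cloud repeats the source device's hash, then wraps for the target.
    session = keyed_hash(zkks[src], nonce1)   # gold key (session key)
    nonce2 = secrets.token_bytes(16)          # second random number
    kek = keyed_hash(zkks[dst], nonce2)       # blue key (key encryption key)
    return nonce2, wrap(kek, session)         # all that is sent to orange

def run_exchange(zkks: dict):
    nonce1 = secrets.token_bytes(16)                  # generated by blue device
    blue_session = keyed_hash(zkks["blue"], nonce1)   # gold key at blue device
    nonce2, wrapped = cloud_relay(zkks, "blue", nonce1, "orange")
    kek = keyed_hash(zkks["orange"], nonce2)          # orange re-derives the KEK
    orange_session = unwrap(kek, wrapped)             # gold key at orange device
    return blue_session, orange_session, (nonce1, nonce2, wrapped)

# Constructed sample ZKKs; the slides say a device can use its ZKK but not read it.
ZKKS = {"blue": secrets.token_bytes(32), "orange": secrets.token_bytes(32)}

if __name__ == "__main__":
    blue, orange, wire = run_exchange(ZKKS)
    print("session keys match:", blue == orange)
    print("bytes on the wire:", sum(len(m) for m in wire))
```

Only the two random numbers and the wrapped key cross the network; a device holding a different ZKK derives a different key encryption key, so `unwrap` raises instead of yielding the session key.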
56. Differentiation with identity from symmetric cryptography
• Symmetric keys are simpler to provision and revoke
• Easier to protect while being used (most common attack point)
• Stronger (bit for bit)
• Faster
• Lower power usage
• Lower cost / key to generate and manage
• Requires less memory (scales for resource constrained IoT)
60. What do you get?
• Software security agent for target (vendor specific MCU + RTOS + toolchain)
• Security abstraction layer API to utilize Rubicon ZKK in the device and cloud
• Cloud portal for key management (revoke keys, black list keys…)
• Cloud interface to the Rubicon cloud to decrypt data and pass it back to the IoT cloud
68. Team
• Rod, VP Product
• Gary, VP Engineering
• Richard, CEO
• Wil, Co-Founder, CSO
• Whit Diffie, Inventor, Public Key Cryptography (Advisor)
• Stephen Ludin, Chief Architect, Akamai (Advisor)
• Dave, Co-Founder, COO