Techniques for Initial Setup and Pairing of IoT Devices
Michael Mars, Cloud IoT Architect
michaelma@Softimize.co
April 2018
Your R&D Team
Let’s start with a pairing example
1. Turn on a Fast Pair-enabled device and put it in pairing mode
   ◦ Android scans for BLE broadcasts in close proximity of the user's phone and discovers a Fast Pair packet (if Bluetooth and Location are turned on)
   ◦ The packet is sent to the server to get back the device's product image, product name and companion app
2. The user receives a notification asking them to "Tap to pair" to the device. The notification contains the product name and image
3. When the user taps on the notification, we use classic Bluetooth to establish a connection
4. A success notification is shown which contains a link to download the companion app
Source: https://android-developers.googleblog.com/2017/10/announcing-fast-pair-effortless.html
What are customers doing with IoT devices?
Overall architecture for handling device data
Sample Device Pairing Flow
Bluetooth Simple Pairing
• A Bluetooth network consisting of one master and its slaves is called a piconet. The master controls the timing of all Bluetooth communications on a piconet.
• The process of adding a new slave device to a Bluetooth piconet is called pairing.
• Bluetooth Simple Pairing is a set of security enhancements to the Bluetooth pairing mechanism. The goal of Bluetooth Simple Pairing is to establish authentication credentials between the Bluetooth master and slave devices. Bluetooth Simple Pairing supports four different pairing models: “Numeric Comparison”, “Just Works”, “Out of Band” and “Passkey Entry”
• Wireless communication is inherently vulnerable to message injection and eavesdropping attacks. We cannot rely on the wireless channel alone for establishing credentials. Thus, we rely on an additional out-of-band channel.
• We assume a Dolev-Yao active attacker, who can eavesdrop, insert, modify, delay, and reorder messages sent in the in-band channel.
Source: Kuo, Cynthia, Jesse Walker, and Adrian Perrig. "Low-cost manufacturing, usability, and security: an analysis of bluetooth simple pairing and Wi-Fi protected setup." International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2007.
Bluetooth Secured Pairing
• Pairing is a three-phase procedure to establish keys to use for an encrypted link
• Pairing phase 1 allows the two devices to exchange their input/output capabilities, which decide what security scheme can be used
• Phases 2 and 3 allow the two devices to share keys that will be used at different stages of security features
• 3 phases:
  ◦ Phase 1: Pairing request & response
  ◦ Phase 2: Pairing over SM protocol + short-term encryption
  ◦ Phase 3: Keys exchange + long-term encryption
• Bonding devices store encryption keys for later secure communication
Bluetooth LE Pairing Process (cont.)
Bluetooth Simple Pairing
• Numeric Comparison
  ◦ When both master and slave can display a 6-digit number and both provide “Yes” and “No” buttons
  ◦ Each device displays a 6-digit number computed from the pairing protocol
  ◦ 6 digits in the PIN (= 10^6 ≈ 2^20 possibilities), an attacker can compromise the PIN with a probability of at least 2^-20
• Just Works
  ◦ At least one of the devices has no display or “Yes/No” buttons (e.g. Bluetooth headset)
  ◦ Uses Numeric Comparison internally, but does not display the six digits for comparison even if one of the devices has a suitable display
  ◦ No security against active attack
• “Out-of-band”
  ◦ When an alternate communication medium exists on both devices, such as Near Field Communication (NFC)
  ◦ The alternate medium transfers a key between the devices and functions as the out-of-band channel in the standard model.
  ◦ Transfer of a large key can provide more security
  ◦ Security depends on the user properly exercising the alternate communication channel
• Passkey Entry
  ◦ When one of the devices has a display and the other a keypad
  ◦ The device with the display randomly generates a 6-digit number, and the user enters this on the other device using the keypad
  ◦ The protocol splits the passkey into 20 bits and reveals one bit over 20 rounds of exchanges
  ◦ An eavesdropper can compute each bit of the passkey after it has been sent (thus, a passkey can only be used securely once)
Pairing Algorithms
Wi-Fi Protected Setup
• Developed to address consumers’ credential configuration problem
• Wi-Fi Protected Setup supports three setup methods: Push Button Configuration, PIN entry, and Out-of-band channel
• Wi-Fi, or IEEE 802.11, is a Local Area Network standard. Usually deployed as an infrastructure network, which consists of one or more access points, and one or more mobile devices called stations. Each station forms a connection, called an association, with a single access point.
• Wi-Fi attempts to address more complex relationships among wireless devices: The Wi-Fi scheme uses three different devices: the registrar, which is the network enrollment center; an access point; and an enrollee, which is the device being added to the network.
• For security Wi-Fi uses the 802.11i standard, also called WPA2. WPA2 uses the IETF EAP protocol to mutually authenticate a station and the network and to derive a session key. The session key provides confidentiality, integrity, and origin authenticity for each frame that a station and its access point exchange. Thus, Wi-Fi security relies on a long-lived authentication credential being established between the station and the network.
Wi-Fi Protected Setup
• Push Button Configuration (PBC)
  ◦ The user pushes buttons on both the registrar and the enrollee devices. The button push causes both to initiate an unauthenticated Diffie-Hellman exchange
  ◦ Has no security in the standard model
  ◦ The method assumes that the Diffie-Hellman peer is the correct device, i.e., that a malicious active attacker is not present.
  ◦ There is no out-of-band channel
• PIN
  ◦ The enrollee device has a four- or eight-digit PIN which is entered on the registrar’s keypad
  ◦ The PIN method uses the PIN as an authentication key to protect a Diffie-Hellman exchange
  ◦ The transfer of the PIN from the enrollee device to the registrar is the out-of-band channel for the PIN method
  ◦ A random eight-digit PIN represents 10^8 = 2^26.65 possibilities. However, the PIN protocol splits the PIN into two four-digit numbers. Each side commits to its value for each half of the PIN and exchanges
• “Out-of-band”
  ◦ An alternate communication channel, such as an NFC channel, transfers some information between the registrar and the enrollee
  ◦ It is possible to obtain an arbitrary amount of security in the standard model, provided the user actively participates in protecting the alternate channel from attack
Security Characteristics of Setup Models
Source: Kuo, Cynthia, Jesse Walker, and Adrian Perrig. "Low-cost manufacturing, usability, and security: an analysis of bluetooth simple pairing
and Wi-Fi protected setup." International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2007.
Pairing Process with NFC
The telephone contains a BT device and an NFC reader
The headset contains a BT device and an NFC Tag
The telephone will start reading the NFC Tag with NFC technology.
NDEF message on Tag will contain a Bluetooth carrier configuration data record:
• Bluetooth address = Headset Device address
• Generic access profile = Headset
• Local name = “Cool Headset”
1. The headset starts Bluetooth advertising with its own ‘Headset device Address’ after the NFC Tag content is read
2. The telephone starts Bluetooth scanning for a device with ‘Headset device Address’ after it has read the NFC tag
3. Bluetooth link is established by a simple intuitive user interaction
Pairing headset with telephone
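The carrier configuration record described on this slide can be parsed and checked before the phone acts on it. The following Python is an added example, not code from the slides: it assumes the BR/EDR record type `application/vnd.bluetooth.ep.oob`, uses a constructed sample tag, and its function names are illustrative. Besides extracting the address and local name, it reports whether the tag carries a Simple Pairing Hash C, i.e. whether the out-of-band channel transfers any key material at all.

```python
import struct

BT_OOB_MIME = b"application/vnd.bluetooth.ep.oob"  # assumed BR/EDR carrier record type
# EIR data types relevant to pairing (Bluetooth Assigned Numbers).
EIR_TYPES = {
    0x09: "local_name",
    0x0D: "class_of_device",
    0x0E: "hash_c192",
    0x0F: "randomizer_r192",
    0x1D: "hash_c256",
    0x1E: "randomizer_r256",
}


class NdefError(ValueError):
    """Raised when the tag content is truncated or malformed."""


def _take(buf, pos, n):
    """Return buf[pos:pos+n] and the new offset, refusing to read past the end."""
    if pos + n > len(buf):
        raise NdefError(f"truncated: need {n} bytes at offset {pos}")
    return buf[pos:pos + n], pos + n


def parse_ndef(msg):
    """Split an NDEF message into (tnf, type, payload) records."""
    records, pos = [], 0
    while pos < len(msg):
        (flags,), pos = _take(msg, pos, 1)
        if flags & 0x20:                        # CF: chunked record
            raise NdefError("chunked records are not handled in this example")
        (type_len,), pos = _take(msg, pos, 1)
        if flags & 0x10:                        # SR: one-byte payload length
            (payload_len,), pos = _take(msg, pos, 1)
        else:
            raw, pos = _take(msg, pos, 4)
            payload_len = struct.unpack(">I", raw)[0]
        id_len = 0
        if flags & 0x08:                        # IL: ID length field present
            (id_len,), pos = _take(msg, pos, 1)
        rtype, pos = _take(msg, pos, type_len)
        _, pos = _take(msg, pos, id_len)
        payload, pos = _take(msg, pos, payload_len)
        records.append((flags & 0x07, rtype, payload))
        if flags & 0x40:                        # ME: last record of the message
            break
    return records


def parse_bt_oob(payload):
    """Decode the OOB block: 2-byte length, 6-byte address, then EIR structures."""
    raw, pos = _take(payload, 0, 2)
    oob_len = struct.unpack("<H", raw)[0]       # little-endian, counts itself
    if oob_len < 8 or oob_len > len(payload):
        raise NdefError(f"bad OOB data length {oob_len}")
    addr, pos = _take(payload, pos, 6)          # address is stored little-endian
    info = {"address": ":".join(f"{b:02X}" for b in reversed(addr))}
    while pos < oob_len:
        (length,), pos = _take(payload, pos, 1)
        if length == 0:                         # zero length ends the EIR data
            break
        if pos + length > oob_len:
            raise NdefError("EIR structure overruns the OOB block")
        body, pos = _take(payload, pos, length)
        name = EIR_TYPES.get(body[0])
        if name == "local_name":
            info[name] = body[1:].decode("utf-8", "replace")
        elif name:
            info[name] = body[1:]
    return info


def assess_tag(msg):
    """Find the Bluetooth carrier record and report what the tag really provides."""
    for tnf, rtype, payload in parse_ndef(msg):
        if tnf == 0x02 and rtype == BT_OOB_MIME:   # TNF 0x02 = MIME media type
            info = parse_bt_oob(payload)
            # Without a hash the tag contributes no key material; it only
            # names the address the phone should connect to.
            info["carries_pairing_hash"] = any(
                len(info.get(k, b"")) == 16 for k in ("hash_c192", "hash_c256"))
            return info
    raise NdefError("no Bluetooth carrier configuration record on the tag")


def build_sample_tag(with_auth):
    """Constructed sample tag content (not captured from a real device)."""
    eir = bytes([13, 0x09]) + b"Cool Headset" + bytes([4, 0x0D, 0x04, 0x04, 0x20])
    if with_auth:
        eir += bytes([17, 0x0E]) + bytes(range(16))
        eir += bytes([17, 0x0F]) + bytes(range(16, 32))
    body = bytes.fromhex("554433221100") + eir
    payload = struct.pack("<H", len(body) + 2) + body
    # 0xD2 = MB | ME | SR | TNF 0x02: a single short MIME record.
    return bytes([0xD2, len(BT_OOB_MIME), len(payload)]) + BT_OOB_MIME + payload


if __name__ == "__main__":
    for with_auth in (False, True):
        print(assess_tag(build_sample_tag(with_auth)))
```

A tag for which `carries_pairing_hash` is false only identifies the headset; it does not act as the key-transferring out-of-band channel described under “Out-of-band” above.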
The mobile application scans the QR code found on the back of the device to pair and connect the device to the user’s smartphone
QR-Code Pairing
• Onboarding
  ◦ Control the provisioning workflow
  ◦ IoT Device Management Templates
  ◦ Certificates and access policies
• Organization
  ◦ Hierarchical model of your fleet
  ◦ Set policies on hierarchical basis
  ◦ Query the fleet on attributes (e.g. device type, firmware version)
• Monitoring
  ◦ Telemetry - real-time connection, authentication, and status metrics
• Remote Management
  ◦ Push new software and firmware
  ◦ Reset to factory defaults
  ◦ Reboot
  ◦ Bulk update rollouts
Overall architecture for handling device data
Source: Jeff Barr, New- AWS IoT Device Management, in AWS IoT Device Management, AWS Re:Invent*, Internet Of Things*, 29 Nov 2017
https://aws.amazon.com/blogs/aws/aws-iot-device-management/
Recommended Resources
• Bluetooth Core Specification (version 4.0), and Supplements
• Bluetooth® Secure Simple Pairing Using NFC
• NFC Forum Connection Handover Technical Specification
• NFC Forum NFC Data Exchange Format (NDEF) Technical Specification
• Cynthia Kuo, Jesse Walker, and Adrian Perrig, Low-Cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup
Thank You!
Complicated Setup Process Frustrates the End-Users
Michael Mars
michaelma@softimize.co
Want To Do IoT?
Talk to us!

More Related Content

What's hot

Owasp mobile top 10
Owasp mobile top 10Owasp mobile top 10
Owasp mobile top 10
Pawel Rzepa
 
Network lab manual
Network lab manualNetwork lab manual
Network lab manualPrabhu D
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
commiebstrd
 
Lightweight cryptography
Lightweight cryptographyLightweight cryptography
Lightweight cryptography
Shivam Singh
 
ECDSA/EdDSA
ECDSA/EdDSAECDSA/EdDSA
ECDSA/EdDSA
JacobBrazeal
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS Fingerprinting
Rashmika Nawaratne
 
Digital signature
Digital signatureDigital signature
Digital signature
Nisha Menon K
 
Digital signatures
 Digital signatures Digital signatures
Digital signatures
STUDENT
 
Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solution
United International University
 
Wireshark
WiresharkWireshark
Wireshark
Sourav Roy
 
모바일 게임 보안
모바일 게임 보안모바일 게임 보안
모바일 게임 보안
TOAST_NHNent
 
Format String Attack
Format String AttackFormat String Attack
Format String Attack
Mayur Mallya
 
Security Testing Mobile Applications
Security Testing Mobile ApplicationsSecurity Testing Mobile Applications
Security Testing Mobile ApplicationsDenim Group
 
Wireshark
Wireshark Wireshark
Wireshark
antivirusspam
 
Detection Datasets: Forged Characters for Passport and Driving Licence
Detection Datasets: Forged Characters for Passport and Driving LicenceDetection Datasets: Forged Characters for Passport and Driving Licence
Detection Datasets: Forged Characters for Passport and Driving Licence
IJITE
 
One round threshold ecdsa with identifiable abort
One round threshold ecdsa with identifiable abortOne round threshold ecdsa with identifiable abort
One round threshold ecdsa with identifiable abort
National Chengchi University
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
KHNOG
 
Writing Wireshark Filter Expression For Capturing Packets
Writing Wireshark Filter Expression For Capturing PacketsWriting Wireshark Filter Expression For Capturing Packets
Writing Wireshark Filter Expression For Capturing Packets
Xafran Marwat
 

What's hot (20)

Owasp mobile top 10
Owasp mobile top 10Owasp mobile top 10
Owasp mobile top 10
 
Network lab manual
Network lab manualNetwork lab manual
Network lab manual
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Lightweight cryptography
Lightweight cryptographyLightweight cryptography
Lightweight cryptography
 
ECDSA/EdDSA
ECDSA/EdDSAECDSA/EdDSA
ECDSA/EdDSA
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS Fingerprinting
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signatures
 Digital signatures Digital signatures
Digital signatures
 
Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solution
 
Wireshark
WiresharkWireshark
Wireshark
 
모바일 게임 보안
모바일 게임 보안모바일 게임 보안
모바일 게임 보안
 
Format String Attack
Format String AttackFormat String Attack
Format String Attack
 
Security Testing Mobile Applications
Security Testing Mobile ApplicationsSecurity Testing Mobile Applications
Security Testing Mobile Applications
 
Wireshark
Wireshark Wireshark
Wireshark
 
Windowsforensics
WindowsforensicsWindowsforensics
Windowsforensics
 
Detection Datasets: Forged Characters for Passport and Driving Licence
Detection Datasets: Forged Characters for Passport and Driving LicenceDetection Datasets: Forged Characters for Passport and Driving Licence
Detection Datasets: Forged Characters for Passport and Driving Licence
 
One round threshold ecdsa with identifiable abort
One round threshold ecdsa with identifiable abortOne round threshold ecdsa with identifiable abort
One round threshold ecdsa with identifiable abort
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
Writing Wireshark Filter Expression For Capturing Packets
Writing Wireshark Filter Expression For Capturing PacketsWriting Wireshark Filter Expression For Capturing Packets
Writing Wireshark Filter Expression For Capturing Packets
 

Similar to IoT setup and pairing

17.security level of services
17.security level of services17.security level of services
17.security level of services
Pramod Rathore
 
Cn36539543
Cn36539543Cn36539543
Cn36539543
IJERA Editor
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
Editor IJMTER
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014Brian Knopf
 
Wi-Fi vs Bluetooth
Wi-Fi vs BluetoothWi-Fi vs Bluetooth
Wi-Fi vs Bluetooth
Arun ACE
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
inventy
 
A Comprehensive Approach to Secure Group Communication in Wireless Networks
A Comprehensive Approach to Secure Group Communication in Wireless NetworksA Comprehensive Approach to Secure Group Communication in Wireless Networks
A Comprehensive Approach to Secure Group Communication in Wireless Networks
David González Romero
 
11.bluetooth security
11.bluetooth security11.bluetooth security
11.bluetooth security
Pramod Rathore
 
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTINGKEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
ecij
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and Challenges
OWASP Delhi
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
Cisco Canada
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber lawDivyank Jindal
 
Bluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportBluetooth network-security-seminar-report
Bluetooth network-security-seminar-report
ROHIT SAGAR
 
Security for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time passwordSecurity for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time password
SHASHANK WANKHADE
 
Insights of vpn
Insights of vpnInsights of vpn
Insights of vpn
Harshika Rana
 
Firewalls
FirewallsFirewalls
Firewalls
Deevena Dayaal
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PROIDEA
 

Similar to IoT setup and pairing (20)

17.security level of services
17.security level of services17.security level of services
17.security level of services
 
Cn36539543
Cn36539543Cn36539543
Cn36539543
 
Wireless personal area networks(PAN)
Wireless personal area networks(PAN)Wireless personal area networks(PAN)
Wireless personal area networks(PAN)
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
 
Wi-Fi vs Bluetooth
Wi-Fi vs BluetoothWi-Fi vs Bluetooth
Wi-Fi vs Bluetooth
 
IoT-SecurityECC-v4
IoT-SecurityECC-v4IoT-SecurityECC-v4
IoT-SecurityECC-v4
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
 
A Comprehensive Approach to Secure Group Communication in Wireless Networks
A Comprehensive Approach to Secure Group Communication in Wireless NetworksA Comprehensive Approach to Secure Group Communication in Wireless Networks
A Comprehensive Approach to Secure Group Communication in Wireless Networks
 
11.bluetooth security
11.bluetooth security11.bluetooth security
11.bluetooth security
 
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTINGKEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
KEY GENERATION FRAMEWORK FOR MULTIPLE WIRELESS DEVICES USING MULTIPATH ROUTING
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and Challenges
 
ioT-SecurityECC-v1
ioT-SecurityECC-v1ioT-SecurityECC-v1
ioT-SecurityECC-v1
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber law
 
Bluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportBluetooth network-security-seminar-report
Bluetooth network-security-seminar-report
 
Security for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time passwordSecurity for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time password
 
Insights of vpn
Insights of vpnInsights of vpn
Insights of vpn
 
Firewalls
FirewallsFirewalls
Firewalls
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
 

More from Guy Vinograd ☁

Pro medoss
Pro medoss Pro medoss
Pro medoss
Guy Vinograd ☁
 
Comply
Comply Comply
Bio-T -
Bio-T -Bio-T -
What is LoRaWAN_Tom Zamir_IoT Expert
What is LoRaWAN_Tom Zamir_IoT ExpertWhat is LoRaWAN_Tom Zamir_IoT Expert
What is LoRaWAN_Tom Zamir_IoT Expert
Guy Vinograd ☁
 
PetNovations case study_architecting IoT systems - Olga Shpigel
PetNovations case study_architecting IoT systems - Olga ShpigelPetNovations case study_architecting IoT systems - Olga Shpigel
PetNovations case study_architecting IoT systems - Olga Shpigel
Guy Vinograd ☁
 
IoMT as drug device cloud technology for recovery management
IoMT as drug device cloud technology for recovery managementIoMT as drug device cloud technology for recovery management
IoMT as drug device cloud technology for recovery management
Guy Vinograd ☁
 
Softimize TBB IoT = device + cloud
Softimize TBB IoT = device + cloudSoftimize TBB IoT = device + cloud
Softimize TBB IoT = device + cloud
Guy Vinograd ☁
 
IoT Communication protocols Overview
IoT Communication protocols OverviewIoT Communication protocols Overview
IoT Communication protocols Overview
Guy Vinograd ☁
 
Best practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloudBest practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloud
Guy Vinograd ☁
 
Best practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloudBest practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloud
Guy Vinograd ☁
 
Creating Medical Devices for ioMT
Creating Medical Devices for ioMTCreating Medical Devices for ioMT
Creating Medical Devices for ioMT
Guy Vinograd ☁
 
ICI 2017 - Creating Medical IoMT Devices
ICI 2017 - Creating Medical IoMT Devices ICI 2017 - Creating Medical IoMT Devices
ICI 2017 - Creating Medical IoMT Devices
Guy Vinograd ☁
 
Softimize - IoMT is coming
Softimize - IoMT is comingSoftimize - IoMT is coming
Softimize - IoMT is coming
Guy Vinograd ☁
 

More from Guy Vinograd ☁ (13)

Pro medoss
Pro medoss Pro medoss
Pro medoss
 
Comply
Comply Comply
Comply
 
Bio-T -
Bio-T -Bio-T -
Bio-T -
 
What is LoRaWAN_Tom Zamir_IoT Expert
What is LoRaWAN_Tom Zamir_IoT ExpertWhat is LoRaWAN_Tom Zamir_IoT Expert
What is LoRaWAN_Tom Zamir_IoT Expert
 
PetNovations case study_architecting IoT systems - Olga Shpigel
PetNovations case study_architecting IoT systems - Olga ShpigelPetNovations case study_architecting IoT systems - Olga Shpigel
PetNovations case study_architecting IoT systems - Olga Shpigel
 
IoMT as drug device cloud technology for recovery management
IoMT as drug device cloud technology for recovery managementIoMT as drug device cloud technology for recovery management
IoMT as drug device cloud technology for recovery management
 
Softimize TBB IoT = device + cloud
Softimize TBB IoT = device + cloudSoftimize TBB IoT = device + cloud
Softimize TBB IoT = device + cloud
 
IoT Communication protocols Overview
IoT Communication protocols OverviewIoT Communication protocols Overview
IoT Communication protocols Overview
 
Best practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloudBest practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloud
 
Best practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloudBest practices for connecting medical devices to the cloud
Best practices for connecting medical devices to the cloud
 
Creating Medical Devices for ioMT
Creating Medical Devices for ioMTCreating Medical Devices for ioMT
Creating Medical Devices for ioMT
 
ICI 2017 - Creating Medical IoMT Devices
ICI 2017 - Creating Medical IoMT Devices ICI 2017 - Creating Medical IoMT Devices
ICI 2017 - Creating Medical IoMT Devices
 
Softimize - IoMT is coming
Softimize - IoMT is comingSoftimize - IoMT is coming
Softimize - IoMT is coming
 

Recently uploaded

Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Orkestra
 
Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
Access Innovations, Inc.
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Sebastiano Panichella
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
Sebastiano Panichella
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
eCommerce Institute
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
OECD Directorate for Financial and Enterprise Affairs
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
faizulhassanfaiz1670
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
Vladimir Samoylov
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
khadija278284
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Access Innovations, Inc.
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
Howard Spence
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Sebastiano Panichella
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
Faculty of Medicine And Health Sciences
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Matjaž Lipuš
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
IP ServerOne
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law:  Static vs. Dynamic Abusers0x01 - Newton's Third Law:  Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
OWASP Beja
 

Recently uploaded (16)

Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
 
Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
IoT setup and pairing

  • 1. Michael Mars, Cloud IoT Architect michaelma@Softimize.co Techniques for Initial Setup and Pairing of IoT Devices April 2018
  • 2. Your R&D Team: Let’s start with a pairing example
      1. Turn on a Fast Pair-enabled device and put it in pairing mode
        ◦ Android scans for BLE broadcasts in close proximity of the user's phone and discovers a Fast Pair packet (if Bluetooth and Location are turned on)
        ◦ The packet is sent to server to get back the device's product image, product name and companion app
      2. The user receives a notification asking them to "Tap to pair" to the device. The notification contains the product name and image
      3. When the user taps on the notification, we use classic Bluetooth to establish a connection
      4. A success notification is shown which contains a link to download the companion app
      Source: https://android-developers.googleblog.com/2017/10/announcing-fast-pair-effortless.html
  • 3. What are customers doing with IoT devices?
  • 4. Overall architecture for handling device data
  • 5. Sample Device Pairing Flow
  • 6. Bluetooth Simple Pairing
      ▪ A Bluetooth network consisting of one master and its slaves is called a piconet. The master controls the timing of all Bluetooth communications on a piconet.
      ▪ The process of adding a new slave device to a Bluetooth piconet is called pairing.
      ▪ Bluetooth Simple Pairing is a set of security enhancements to the Bluetooth pairing mechanism. The goal of Bluetooth Simple Pairing is to establish authentication credentials between the Bluetooth master and slave devices. Bluetooth Simple Pairing supports four different pairing models: “Numeric Comparison”, “Just Works”, “Out of Band” and “Passkey Entry”.
      ▪ Wireless communication is inherently vulnerable to message injection and eavesdropping attacks. We cannot rely on the wireless channel alone for establishing credentials. Thus, we rely on an additional out-of-band channel.
      ▪ We assume a Dolev-Yao active attacker, who can eavesdrop, insert, modify, delay, and reorder messages sent in the in-band channel.
      Source: Kuo, Cynthia, Jesse Walker, and Adrian Perrig. "Low-cost manufacturing, usability, and security: an analysis of bluetooth simple pairing and Wi-Fi protected setup." International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2007.
  • 7. Bluetooth Secured Pairing
      ▪ Pairing is a three-phase procedure to establish the keys used for an encrypted link
      ▪ Phase 1 lets the two devices exchange their input/output capabilities, which decide what security scheme can be used
      ▪ Phases 2 and 3 let the two devices share keys that will be used at different stages of the security features
      ▪ The 3 phases:
        ◦ Phase 1: Pairing request & response
        ◦ Phase 2: Pairing over SM protocol + short-term encryption
        ◦ Phase 3: Keys exchange + long-term encryption
      ▪ Bonding devices store encryption keys for later secure communication
  • 8. Bluetooth LE Pairing Process (cont.)
  • 9. Bluetooth Simple Pairing: Pairing Algorithms
      ▪ Numeric Comparison
        ◦ Used when both master and slave can display a 6-digit number and both provide “Yes” and “No” buttons
        ◦ Each device displays a 6-digit number computed from the pairing protocol
        ◦ With 6 digits in the PIN (10^6 ≈ 2^20 possibilities), an attacker can compromise the PIN with a probability of at least 2^−20
      ▪ Just Works
        ◦ Used when at least one of the devices has no display or “Yes/No” buttons (e.g. a Bluetooth headset)
        ◦ Uses Numeric Comparison internally, but does not display the six digits for comparison even if one of the devices has a suitable display
        ◦ No security against active attack
      ▪ “Out-of-band”
        ◦ Used when an alternate communication medium exists on both devices, such as Near Field Communication (NFC)
        ◦ The alternate medium transfers a key between the devices and functions as the out-of-band channel in the standard model
        ◦ Transfer of a large key can provide more security
        ◦ Security depends on the user properly exercising the alternate communication channel
      ▪ Passkey Entry
        ◦ Used when one of the devices has a display and the other a keypad
        ◦ The device with the display randomly generates a 6-digit number, and the user enters this on the other device using the keypad
        ◦ The protocol splits the passkey into 20 bits and reveals one bit in each of 20 rounds of exchanges
        ◦ An eavesdropper can compute each bit of the passkey after it has been sent (thus, a passkey can only be used securely once)
  • 10. Wi-Fi Protected Setup
      ▪ Developed to address consumers’ credential configuration problem
      ▪ Wi-Fi Protected Setup supports three setup methods: Push Button Configuration, PIN entry, and Out-of-band channel
      ▪ Wi-Fi, or IEEE 802.11, is a Local Area Network standard. It is usually deployed as an infrastructure network, which consists of one or more access points and one or more mobile devices called stations. Each station forms a connection, called an association, with a single access point.
      ▪ Wi-Fi attempts to address more complex relationships among wireless devices. The Wi-Fi scheme uses three different devices: the registrar, which is the network enrollment center; an access point; and an enrollee, which is the device being added to the network.
      ▪ For security, Wi-Fi uses the 802.11i standard, also called WPA2. WPA2 uses the IETF EAP protocol to mutually authenticate a station and the network and to derive a session key. The session key provides confidentiality, integrity, and origin authenticity for each frame that a station and its access point exchange. Thus, Wi-Fi security relies on a long-lived authentication credential being established between the station and the network.
  • 11. Wi-Fi Protected Setup
      ▪ Push Button Configuration (PBC)
        ◦ The user pushes buttons on both the registrar and the enrollee devices. The button push causes both to initiate an unauthenticated Diffie-Hellman exchange
        ◦ Has no security in the standard model
        ◦ The method assumes that the Diffie-Hellman peer is the correct device, i.e., that a malicious active attacker is not present
        ◦ There is no out-of-band channel
      ▪ PIN
        ◦ The enrollee device has a four- or eight-digit PIN which is entered on the registrar’s keypad
        ◦ The PIN method uses the PIN as an authentication key to protect a Diffie-Hellman exchange
        ◦ The transfer of the PIN from the enrollee device to the registrar is the out-of-band channel for the PIN method
        ◦ A random eight-digit PIN represents 10^8 = 2^26.65 possibilities. However, the PIN protocol splits the PIN into two four-digit numbers. Each side commits to its value for each half of the PIN and exchanges
      ▪ “Out-of-band”
        ◦ An alternate communication channel, such as an NFC channel, transfers some information between the registrar and the enrollee
        ◦ It is possible to obtain an arbitrary amount of security in the standard model, provided the user actively participates in protecting the alternate channel from attack
  • 12. Security Characteristics of Setup Models Source: Kuo, Cynthia, Jesse Walker, and Adrian Perrig. "Low-cost manufacturing, usability, and security: an analysis of bluetooth simple pairing and Wi-Fi protected setup." International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2007.
  • 13. Pairing Process with NFC: Pairing headset with telephone
      ▪ The telephone contains a BT device and an NFC reader
      ▪ The headset contains a BT device and an NFC Tag
      ▪ The telephone will start reading the NFC Tag with NFC technology. The NDEF message on the Tag will contain a Bluetooth carrier configuration data record:
        ◦ Bluetooth address = Headset Device address
        ◦ Generic access profile = Headset
        ◦ Local name = “Cool Headset”
      1. The headset starts Bluetooth advertising with its own ‘Headset device Address’ after the NFC Tag content is read
      2. The telephone starts Bluetooth scanning for a device with ‘Headset device Address’ after it has read the NFC tag
      3. Bluetooth link is established by a simple intuitive user interaction
  • 14. QR-Code Pairing: The mobile application scans the QR code on the back of the device to pair and connect the device to the user’s smartphone
  • 15. Overall architecture for handling device data
      ▪ Onboarding
        ◦ Control the provisioning workflow
        ◦ IoT Device Management Templates
        ◦ Certificates and access policies
      ▪ Organization
        ◦ Hierarchical model of your fleet
        ◦ Set policies on hierarchical basis
        ◦ Query the fleet on attributes (e.g. device type, firmware version)
      ▪ Monitoring
        ◦ Telemetry: real-time connection, authentication, and status metrics
      ▪ Remote Management
        ◦ Push new software and firmware
        ◦ Reset to factory defaults
        ◦ Reboot
        ◦ Bulk update rollouts
      Source: Jeff Barr, "New – AWS IoT Device Management", posted in AWS IoT Device Management, AWS re:Invent, Internet of Things, 29 Nov 2017, https://aws.amazon.com/blogs/aws/aws-iot-device-management/
  • 16. Recommended Resources
      ▪ Bluetooth Core Specification (version 4.0), and Supplements
      ▪ Bluetooth® Secure Simple Pairing Using NFC
      ▪ NFC Forum Connection Handover Technical Specification
      ▪ NFC Forum NFC Data Exchange Format (NDEF) Technical Specification
      ▪ Cynthia Kuo, Jesse Walker, and Adrian Perrig, Low-Cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup
  • 17. Thank You! Complicated Setup Process Frustrates the End-Users
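
Slide 9 states that a Passkey Entry passkey can only be used securely once. The added example below (not from the deck) models the initiator's 20 rounds to show why, and pairs that with a one-shot passkey holder. Assumptions: the commitment is modelled on the specification's f1 function (HMAC-SHA-256 keyed with the round nonce, truncated to 128 bits), fixed or random byte strings stand in for the public keys, and `OneShotPasskey` is a hypothetical helper.

```python
import hashlib
import hmac
import secrets

def commit(pk_u, pk_v, nonce, bit):
    """Per-round commitment: HMAC-SHA-256 keyed by the nonce, top 128 bits."""
    z = bytes([0x80 | bit])                 # one passkey bit per round
    return hmac.new(nonce, pk_u + pk_v + z, hashlib.sha256).digest()[:16]

def initiator_rounds(pk_a, pk_b, passkey):
    """On-air messages of one side: (commitment, later-revealed nonce) x 20."""
    transcript = []
    for i in range(20):                     # 10^6 < 2^20, so 20 bits suffice
        nonce = secrets.token_bytes(16)
        bit = (passkey >> i) & 1
        transcript.append((commit(pk_a, pk_b, nonce, bit), nonce))
    return transcript

def disclosed_passkey(pk_a, pk_b, transcript):
    """What a completed transcript discloses: each revealed nonce opens its
    commitment, so the bit is the candidate whose commitment matches."""
    value = 0
    for i, (commitment, nonce) in enumerate(transcript):
        if hmac.compare_digest(commitment, commit(pk_a, pk_b, nonce, 1)):
            value |= 1 << i
    return value

class OneShotPasskey:
    """Hypothetical holder: a fresh random passkey that can be taken once."""
    def __init__(self):
        self._value = secrets.randbelow(10**6)
        self._used = False

    def take(self):
        if self._used:
            raise RuntimeError("passkey already used; generate a new one")
        self._used = True
        return self._value

if __name__ == "__main__":
    pk_a, pk_b = secrets.token_bytes(24), secrets.token_bytes(24)  # constructed
    key = OneShotPasskey().take()
    rounds = initiator_rounds(pk_a, pk_b, key)
    print(key == disclosed_passkey(pk_a, pk_b, rounds))
```

Because the finished transcript determines the passkey, the displaying device should generate a new value for every pairing attempt, including retries after a failure.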
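
Slide 13 describes the Bluetooth carrier configuration record the phone reads from the headset's NFC tag. The added example below (not from the deck) parses such a record with strict length checks, since tag contents are untrusted input. The tag bytes, the address 00:11:22:33:44:55 and the class-of-device value are constructed; only single short NDEF records are handled.

```python
import struct

OOB_MIME = b"application/vnd.bluetooth.ep.oob"    # MIME type of the OOB record
EIR_LOCAL_NAME, EIR_CLASS_OF_DEVICE = 0x09, 0x0D  # EIR data types

def parse_short_record(buf):
    """Parse one short NDEF record (SR=1); return (tnf, type, payload)."""
    if len(buf) < 4 or not buf[0] & 0x10:
        raise ValueError("not a complete short NDEF record")
    type_len, payload_len = buf[1], buf[2]
    id_len, pos = (buf[3], 4) if buf[0] & 0x08 else (0, 3)  # IL flag: ID length
    end = pos + type_len + id_len + payload_len
    if end > len(buf):
        raise ValueError("NDEF lengths exceed the data read from the tag")
    return buf[0] & 0x07, buf[pos:pos + type_len], buf[pos + type_len + id_len:end]

def parse_bt_oob(payload):
    """Decode OOB data: 2-octet total length, 6-octet address, EIR fields."""
    if len(payload) < 8 or struct.unpack_from("<H", payload)[0] != len(payload):
        raise ValueError("OOB length field does not match the payload")
    info = {"address": ":".join(f"{b:02X}" for b in reversed(payload[2:8]))}
    pos = 8
    while pos < len(payload):
        length = payload[pos]               # counts the type octet plus the data
        if length == 0 or pos + 1 + length > len(payload):
            raise ValueError("malformed EIR field")
        eir_type, data = payload[pos + 1], payload[pos + 2:pos + 1 + length]
        if eir_type == EIR_LOCAL_NAME:
            info["local_name"] = data.decode("utf-8", errors="replace")
        elif eir_type == EIR_CLASS_OF_DEVICE and len(data) == 3:
            info["class_of_device"] = int.from_bytes(data, "little")
        pos += 1 + length
    return info

def read_pairing_tag(buf):
    tnf, rec_type, payload = parse_short_record(buf)
    if tnf != 0x02 or rec_type != OOB_MIME:  # TNF 0x02 = MIME media type
        raise ValueError("tag does not carry a Bluetooth OOB record")
    return parse_bt_oob(payload)

def build_sample_tag():
    """Constructed tag contents matching the slide's headset example."""
    name = b"Cool Headset"
    eir = bytes([len(name) + 1, EIR_LOCAL_NAME]) + name
    eir += bytes([4, EIR_CLASS_OF_DEVICE]) + (0x200404).to_bytes(3, "little")
    body = bytes.fromhex("554433221100") + eir   # address, least significant first
    payload = struct.pack("<H", len(body) + 2) + body
    return bytes([0xD2, len(OOB_MIME), len(payload)]) + OOB_MIME + payload
```

The record carries no authentication of its own, so a tag read this way only tells the phone which address to look for; the security of the pairing still rests on the out-of-band properties listed on slide 9.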