Secure Group Communication in Constrained Networks. A Gap Analysis

Transcription

1 Tobias Guggemos, Nils gentschen Felde, Dieter Kranzlmüller MNM-Team Ludwig-Maximilians-Universität München Secure Group Communication in Constrained Networks A Gap Analysis IEEE Global IoT Summit 2017 Geneva, Switzerland 1

2 Motivation Since ~2013: Several and long discussions about Secure Group Communication in IETF working groups (DICE, ACE, ) 2

3 The Goal Toolbox for Secure Group Communication in constrained environments (e.g. IoT) 3

4 Motivation - Testbed Devices Arduino Uno Arduino M0+ Arduino Due ESP 8266 Raspberry Pi (v1-v3) Banana Pi Beaglebone Architecture ATmega328 ARM Cortex-M0+ ARM Cortex-M3 Tensilica L106 ARMv6 ARMv8 CPU 16 MHz 48 MHz 84 MHz MHz MHz RAM 2 KB 32 KB 96 KB 64 KB MB Flash 32 KB 256 KB 512 KB 1 MB Operating System RIOT OS RIOT OS RIOT OS Free RTOS Linux 4

5 Motivation 5

6 Motivation Is there any formal description for secure group communication in constrained networks? 6

7 What is Group Communication? Group communication includes most major IoT-related communication models 1:n communication 1:1 communication Securing groups can help securing IoT in general Group communication is a management problem! n:1 communication n:m communication 7

8 Question What is Secure Group Communication What is Secure Group Management 8

9 What is secure? Definition according to ISO/IEC 27000: information security preservation of confidentiality (2.13), integrity (2.36) and availability (2.10) of information NOTE In addition, other properties, such as authenticity (2.9), accountability (2.2), nonrepudiation (2.49), and reliability (2.56) can also be involved. [ISO/IEC27000, 2.30] 9

10 What does that mean for Group Communication? Definition according to ISO/IEC 27000: Property that information security information is not preservation of confidentiality: made confidentiality available or (2.13), integrity (2.36) and availability (2.10) of Data Encryption information disclosed to (usually symmetric) NOTE In addition, unauthorized (Group) other Key properties, Distributionsuch as authenticity (2.9), accountability (2.2), nonrepudiation (2.49), individuals, to authorized and reliability members (2.56) can also be involved. entities or processes [ISO/IEC27000, 2.13] [ISO/IEC27000, 2.30] 10

11 What does that mean for Group Communication? Definition according to ISO/IEC 27000: information security integrity: preservation of confidentiality (2.13), Cryptographic integrity (2.36) Signatures and availability (2.10) of information Property Group Integrity of accuracy and completeness Key Distribution(!!!) NOTE In addition, other properties, such as Sender authenticity [ISO/IEC27000, Integrity (2.9), 2.40] accountability (2.2), nonrepudiation (2.49), and reliability (2.56) can also be involved. PKI [ISO/IEC27000, 2.30] 11

12 What does that mean for Group Communication? Definition according to ISO/IEC 27000: information security availability: preservation of confidentiality (2.13), integrity (2.36) and Member Property availability can of being join (2.10) group of information Group accessible Management and usable (GM) upon AAIdemand NOTE In addition, other properties, such as authenticity (2.9), accountability (2.2), nonrepudiation (2.49), and reliability (2.56) can also be by an Secure authorized GM entity involved. [ISO/IEC27000, 2.9] [ISO/IEC27000, 2.30] 12

13 What does that mean for Group Communication? Definition according to ISO/IEC 27000: information security preservation of confidentiality (2.13), integrity (2.36) and availability (2.10) of information NOTE In addition, other properties, such as authenticity (2.9), accountability (2.2), nonrepudiation (2.49), and reliability (2.56) reliability: can also be involved. Property of consistent intended [ISO/IEC27000, 2.30] Reliable GM behaviour grant and and revoke results membership [ISO/IEC27000, 2.62] 13

14 What does that mean for Group Communication? Definition according to ISO/IEC 27000: information security preservation of confidentiality (2.13), integrity (2.36) and availability (2.10) of information NOTE In addition, other properties, such as authenticity (2.9), accountability: (2.2), nonrepudiation (2.49), and reliability (2.56) can also be involved. Assignment of actions Right Management and decisions [ISO/IEC27000, 2.30] to an entity join, leave, create,destroy send messages [ISO/IEC27000, 2.2] 14

15 What does that mean for Group Communication? Definition according to ISO/IEC 27000: information security preservation of confidentiality (2.13), integrity (2.36) and availability (2.10) of information NOTE In addition, other properties, such as authenticity: (2.9), accountability (2.2), nonrepudiation (2.49), and reliability (2.56) can also be involved. Property Signatures that with an entity is what it claims to be [ISO/IEC27000, 2.30] sender identification Identity Management Public Key Infrastructure [ISO/IEC27000, 2,2] 15

16 What does that mean for Group Communication? Definition according to ISO/IEC 27000: information security preservation of confidentiality (2.13), integrity (2.36) and availability (2.10) of information NOTE In non-repudiation: addition, other properties, such as authenticity (2.9), accountability (2.2), nonrepudiation Ability (2.49), to prove and the reliability (2.56) can also be involved. occurrence Sender Authentication of a claimed [ISO/IEC27000, 2.30] AND event Identity or action and its AND originating Public Key entities Management Message ID (Seq. Nr) Acknowledgement (?) [ISO/IEC27000, 2.54] 16

17 Gap Analysis 17

18 Current & Further Investigations Group (Key) Management G-IKEv2 (GDOI, GKMP) Group-DTLS Identity Management Public Key Management Confidentiality / Integrity DTLS IPsec Authentication / Non-Repudiation TESLA EMSS Identity Based Signatures (IBS) Lightweight Cryptography Elliptic Curves Walnut DSA Based on Lattices 18

19 Conclusion / Take Aways Secure Group Communication is a management problem We defined properties for Secure Group Management Analysis shows no existing IoT-aware solution Research requires a solid testbed: MNM-Team setup: 19

20 The End Curious? Tobias Guggemos MNM-Team Ludwig-Maximilians-Universität München 20

21 Testbed 21