2019年11月5日星期二

How to create a more secure Internet of Things with white box cryptography?

White box password technology how to create a more secure Internet of Things, to promote the rapid development of things? Let's take a look at five ways to develop and change the Internet of things with Whitebox cryptography:

First, the development of white box password

Internet of Things led the third revolution in the information industry, showing the full coverage of the explosive growth of the industry, on the other hand because too much into people's lives, security issues so that users and manufacturers are very concerned about the process of development of the Internet of Things Hinder The development of network information security for many years, what kind of security IoT now?

The Internet of Things (IoT) can be divided into a perceptual layer, a network layer and an application layer from a large architecture. The IoT is a network that includes a large number of sensor devices and is interconnected by a complex integrated network formed by Wi-Fi, Bluetooth, ZigBee, 4G LTE and the like. App side for application control to provide the right service. The composition of the Internet of things, the network layer contains a large number of network devices, involving a variety of communication protocols, computing infrastructure involves cloud computing, storage, application scheduling, these aspects of security risks and security measures, after experiencing the Internet and mobile After the development of the Internet have a certain degree of security research, there has been a corresponding security architecture and a large number of security products. However, in the perception of IoT, embedded system development has always been a relatively low-profile and independent area. There is less integration with the Internet, no access, no understanding of the dangers and risks of cyberspace, and the less developed security measures. The other Because of the limitations of small hardware and software resources in embedded systems, the original Internet security tools are also harder to migrate directly to the perceptual layer.

Corresponding to the perceived layer of security protection is inadequate, but the perception layer as an extension of the original network as a new attack and risk points, the risk of attacks on the rise. How to implement a safe and effective protection measure on a large number of perceptual devices, white-box cryptography is emerging and attracts more and more attention. White-box cryptography subverts many limitations of traditional cryptography on attackers' abilities and is more in line with the security threats in real life.

Second, the white box password change Internet of Things 5 ​​ways

1, greatly enhance safety

IoT-aware devices typically require cryptographic protection for system security, data access, and messaging. However, the sensing device is usually in a white-box attack environment. Traditional cryptographic algorithms can not be used safely or even become extremely fragile in a white-box attack environment. The key becomes a single point of failure for any cryptosystem to implement a protection system. In current attacks, it is easy to obtain passwords by disassembling binaries, static analysis, controlling the operating environment, using control CPU breakpoints, observation registers, memory analysis, and so on. In the existing case we have seen that in unprotected software, key-extraction attacks usually successfully extract key codes stored in a text data array within a few hours.

White-box cryptographic algorithm is a new cryptographic algorithm, which is different from the traditional cryptographic algorithm in that it can resist attacks in the white-box attack environment. The white-box password allows the key information to be fully hidden and prevents snooping, thus ensuring the secure application of the original cryptographic system in the perceptual device, greatly improving security.

2, significantly reduce costs

As an emerging market explosion, the Internet of Things has given the world a sluggish economy a breakthrough and breakthrough point. However, the Internet of Things is more of a cost-sensitive consumer market such as wearable devices, smart home, healthcare, and smart transportation. For example, we have already seen the fierce price war in the embedded Wi-Fi chip market. The traditional Wi-Fi solution cost more than 40 yuan and dropped to about 30 yuan in early 2014. In mid-2014, the price dropped to about 20 yuan and later retreated Only 10 yuan up and down. It is estimated that the competition will further intensify in 2016.

In order to protect the security of the sensing device and to protect the key security, there are corresponding hardware solutions. However, under such a competitive landscape, the hardware solution inevitably increases the manufacturer's cost burden and even leads to the neglect of security issues due to the cost. White box password as a software solution, the corresponding hardware solutions naturally have the advantage of low cost.

3, software-defined security

Gartner, for the first time in the release of its 2014 Top Ten Technologies and Trends, presented the strategic software-defining technology - not a concept, but a real technology evolution.

White-box cryptography as a software-defined security has entered the bottom of the field of basic chip security. Comparison of hardware to provide security, white box password technology using obfuscation techniques and a variety of mathematical theory in the ongoing breakthroughs and research, the future there is still much room for development; at the same time for IOT devices emerging new attacks, white box password as software More flexible dynamic response can be integrated with other security measures, update and upgrade more convenient and fast.

4, more pure credible relationship

Mobile payment as a financial application represents a higher level of security. Research Mobile Payment Security We found that hardware SE and TEE are often used to save and execute more sensitive data and processes for security. But few people think that, SE and TEE as security components need to be managed, such as the TSM platform, and the platform manager may be third-party, chip makers, handset makers, etc. Another example TEE development SDK, Tripartite; as well as security components they are shared, the above are generally running a number of financial institutions procedures, of course, is a safe isolation mechanism. But from there we still feel a lot of participants in the application, too long and complex relationship of trust.

White box password applications without the participation of all types of providers, and can be an exclusive application, data and security can be better controlled by the application developer, the current HCE cloud payment using a white box protection scheme. White-box cryptography builds a simpler, more pure, trustworthy relationship both in management and technology.

5, accelerate the development of Internet of things

The development of the Internet of Things is like a science fiction movie being staged, beyond the daily thinking of people, in addition to continuously face the surprises and even learn to live. The Internet of Things (IoT) covers a wide range of areas in life, such as car, home, medical, finance, energy, transportation, industrial production and so on. In terms of technology implementation, each field involves the IoT three- Mobile APP, cloud, communications and other security and safety.

Marine Alternator

Marine Alternator,Electric Parts Alternator,Alternator For Ship Boat,Alternator For Marine Engine

Chengdu Huachuan Electric Parts Co., Ltd. , https://www.chcd-global.com

没有评论:

发表评论