Paul Kocher, the President and Chief Scientist of Rambus’ Cryptography Research division, moderated the RSA Cryptographers’ Panel on February 14, 2017.
Participants, including Adi Shamir, Whitfield Diffie, Susan Landau and Ronald Rivest, discussed the latest advances and revelations in cryptography, including research areas to watch in 2017 and new threats facing the field of cryptography. Kocher also participated as a judge in the RSAC Innovation Sandbox Contest on February 13.
As we’ve previously discussed on Rambus Press, Paul Kocher has designed numerous cryptographic applications and protocols that are successfully deployed in real-world systems. His work includes co-authoring the widely used SSL 3.0 standard and discovering Differential Power Analysis (DPA). A major focus of his current work is to improve the security foundations provided by complex semiconductor chips, with the aim of harnessing the advances fueled by Moore’s Law to improve security.
In addition to the above-mentioned panels, we showcased our Internet of Things (IoT) security service and technology in booth #N4213 (North Expo). The demo highlighted our security-focused features, which include mutual authentication and encrypted communication capabilities embedded into Qualcomm’s Snapdragon™ 820 processor and QCA4010 Wi-Fi chip. These unique features, enabled by our CryptoManager platform, help protect IoT devices from being exploited by hackers in malicious botnets and prevent IoT cloud services from being attacked by cloned devices.
As more and more “things” connect to the Internet, the danger of nefarious attackers exploiting unsecured devices looms ever larger. Indeed, DDoS flooding attacks – which seek to disrupt legitimate access to online services – have been deemed “one of the biggest concerns” for cyber security professionals.
Protecting Internet infrastructure companies and services from DDoS attacks can be quite challenging, as it is often difficult to shield the IP layer from a concerted cyber offensive. However, it is important to note that the impact of DDoS attacks can be significantly mitigated by safeguarding vulnerable IoT endpoints. Put simply, protected IoT endpoints act as a critical bulwark against nefarious botnets that exploit and recruit hundreds of thousands of defenseless “zombie” devices.
For instance, an attacker cannot add a device to a botnet without establishing an unauthorized communication channel. Allowing only legitimate, verified cloud services to communicate with IoT devices will help prevent the creation of such rogue channels. This paradigm, facilitated by a hardware root-of-trust, ensures that each IoT device is uniquely and cryptographically verified to determine if it is authorized to connect to a specific service. Infected and hijacked devices that are not authenticated are denied access to the service – reducing the overall effectiveness (and damage) of a DDoS attack on a provider and other services.
It should be noted that an embedded hardware root-of-trust can also be used to help minimize vulnerabilities discovered in IoT products after deployment by providing a secure device management framework to push over-the-air (OTA) patches and firmware updates.