Last week, Rambus showcased its IoT security service and technology in the Qualcomm Technologies booth (#10948) exclusively at CES® 2017 in Las Vegas. The service and technology offerings by Rambus are designed to take advantage of security-focused features in Qualcomm Technologies’ chipsets to facilitate protected IoT communication and lifecycle management.
Search Results for: IoT security
Minimizing IoT DDoS attacks: Rambus Showcases IoT Security Demo with Qualcomm Technologies at CES 2017
Last week, Rambus showcased its IoT security service and technology in the Qualcomm Technologies booth (#10948) exclusively at CES® 2017 in Las Vegas. The service and technology offerings by Rambus are designed to take advantage of security-focused features in Qualcomm Technologies’ chipsets to facilitate protected IoT communication and lifecycle management.
Image Credit: CES
This demonstration showcased Rambus and Qualcomm Technologies’ efforts on a unique use case highlighting a smart city application. The demo featured both companies’ technologies, illustrating how their combined solutions can provide a more robust and secure IoT end point compared to similar offerings without such solutions. The Qualcomm® SnapdragonTM 820 processor and the QCA4010 Wi-Fi chip were connected to an IoT cloud service using a protected link while Rambus’ CryptoManager security platform was utilized to illustrate how IoT devices can be safeguarded to significantly reduce service vulnerability to Distributed Denial of Service (DDoS) attacks.
With Qualcomm Technologies’ historic success in embedded hardware processors and Rambus’ success in security-oriented technology, the demo further showcased the combined elements help develop next-generation IoT security features for smart city applications. The CES demo highlighted Rambus’ superior security-focused features which include mutual authentication and encrypted communication embedded into select processors from Qualcomm Technologies. These unique features protect IoT devices from being used by hackers in malicious botnets and prevents the IoT cloud service from being attacked by cloned devices.
As more and more “things” connect to the Internet, the danger of nefarious attackers exploiting unsecured devices looms ever larger. Indeed, DDoS flooding attacks – which seek to disrupt legitimate access to online services – have been deemed “one of the biggest concerns” for cyber security professionals.
Protecting Internet infrastructure companies and services from DDoS attacks can be quite challenging, as it is often difficult to shield the IP layer from a concerted cyber offensive. However, it is important to note that the impact of DDoS attacks can be significantly mitigated by safeguarding vulnerable IoT endpoints. Put simply, protected IoT endpoints act as a critical bulwark against nefarious botnets that exploit and recruit hundreds of thousands of defenseless “zombie” devices.
For instance, an attacker cannot add a device to a botnet without establishing an unauthorized communication channel. Allowing only legitimate, verified cloud services to communicate with IoT devices will help prevent the creation of such rogue channels. This paradigm, facilitated by a hardware root-of-trust, ensures that each IoT device is uniquely and cryptographically verified to determine if it is authorized to connect to a specific service. Infected and hijacked devices that are not authenticated are denied access to the service – reducing the overall effectiveness (and damage) of a DDoS attack on a provider and other services.
It should be noted that an embedded hardware root-of-trust can also be used to help minimize vulnerabilities discovered in IoT products after deployment by providing a secure device management framework to push over-the-air (OTA) patches and firmware updates.
Interested in learning more about IoT security? You can check out our CryptoManager platform product page here, our article archive on the subject here and our white paper here.
##
Qualcomm and Snapdragon are trademarks of Qualcomm Incorporated, registered in the United States and other countries.
Qualcomm Snapdragon and QCA4010 are products of Qualcomm Technologies, Inc.
Rambus to Demonstrate IoT Security Technology in Qualcomm Booth at CES
Demonstration showcases ability to minimize DDoS attacks through secure connectivity, monitoring and provisioning of IoT endpoints
LAS VEGAS, Nevada – January 3, 2017 – Rambus (NASDAQ:RMBS) today announced it will showcase its IoT security service and technology designed to deliver secure communication and lifecycle management. This demonstration utilizes the Rambus CryptoManager security platform and highlights how IoT devices can be secured to significantly reduce service vulnerability to Distributed Denial of Service (DDoS) attacks.
This demonstration, highlighting a smart city application, features the Qualcomm® SnapdragonTM 820 processor and QCA4010 Wi-Fi chip, that are connected to an IoT cloud service using a protected link. The Rambus technology enables seamless security-focused features which includes mutual authentication and encrypted communication. These unique security features protect IoT devices from being used by hackers in malicious botnets, and prevent the IoT cloud service from being attacked by cloned devices.
The first public demonstration of this technology will be showcased exclusively in the Qualcomm Technologies, Inc.’s booth (#10948) at CES® 2017 in Las Vegas, January 5-8, 2017. For more information on the CryptoManager platform, please visit www.rambus.com/cryptomanager.
About Rambus Security Division
The Rambus Security Division is dedicated to providing a secure foundation for a connected world. Integrating technologies from Cryptography Research, Bell ID and Ecebs, our innovative solutions span areas including tamper resistance, content and media protection, network security, mobile payment, smart ticketing and trusted transaction services. Our technologies protect nearly nine billion licensed products annually, providing secure access to data and creating an economy of digital trust between our customers and their customer base. Additional information is available at rambus.com/security.
About Rambus Inc.
Rambus creates innovative hardware and software technologies, driving advancements from the data center to the mobile edge. Our chips, customizable IP cores, architecture licenses, tools, software, services, training and innovations improve the competitive advantage of our customers. We collaborate with the industry, partnering with leading ASIC and SoC designers, foundries, IP developers, EDA companies and validation labs. Our products are integrated into tens of billions of devices and systems, powering and securing diverse applications, including Big Data, Internet of Things (IoT), mobile, consumer and media platforms. At Rambus, we are makers of better. For more information, visit rambus.com.
Press Contact:
Agnes Toan
Rambus Corporate Communications
(408) 462-8905
[email protected]
The evolving requirements of IoT security
Ed Sperling and Jeff Dorsch of Semiconductor Engineering recently penned an article about the future of IoT security. Specifically, the two journalists highlighted the distributed denial of service attack (DDoS) against Dyn which saw waves of attacks created by Mirai malware.
“Connected devices of all sizes can [now] be amassed into an army of bots that can bring even giants like Amazon and Netflix to a dead stop,” they explained. “This attack was predicted and warned against by numerous security experts since [Mirai] was published as open source code several months earlier, but that did little to stop its progression.”
The evolving requirements of IoT security
Ed Sperling and Jeff Dorsch of Semiconductor Engineering recently penned an article about the future of IoT security. Specifically, the two journalists highlighted the distributed denial of service attack (DDoS) against Dyn which saw waves of attacks created by Mirai malware.
“Connected devices of all sizes can [now] be amassed into an army of bots that can bring even giants like Amazon and Netflix to a dead stop,” they explained. “This attack was predicted and warned against by numerous security experts since [Mirai] was published as open source code several months earlier, but that did little to stop its progression.”
According to Sperling and Dorsch, there are not enough layers of security being built into electronics to stop these kinds of problems, and no standard way of creating them.
“What’s interesting here is that the most recent attack went well beyond the usual software and network breaches. It targeted the firmware inside [connected] devices that were secured by weak passwords. And most security experts believe this is just the beginning,” the journalists observed. “[Nevertheless], digging into firmware is more difficult because it requires access to software stored and, frequently, hidden within a chip. That’s why systems companies park their SSL keys there, along with a history of private keys that can work with those SSL keys.”
Yet, security can be compromised if the keys leak.
“If you can crack into a key, you can replace the software and remotely control the device,” Asaf Ashkenazi, senior director of product management in Rambus’ Security Division told Semiconductor Engineering. “Keys are the Holy Grail for hackers.”
Many attacks against keys require a physical component, such as a grinder, physical probes and a scanning electron microscope.
“That’s an invasive attack,” said Ashkenazi. “There also are combination attacks, where you reconstruct keys from a string of bits, not from the software.”
In addition, keys can be extracted via side-channel attacks which utilize passive methods to pick up and monitor electromagnetic activity. Indeed, as we’ve previously discussed on Rambus Press, all physical electronic systems routinely leak information about their internal process of computing.
In practical terms, this means attackers can exploit various side-channel techniques to gather data and extract secret cryptographic keys from IoT endpoints. Regardless of specific instruction set architecture (ISA), most industry security solutions on the market today can be soundly defeated by side-channel attacks. Even a simple radio is capable of gathering side-channel information by eavesdropping on frequencies emitted by electronic devices. In some cases, secret keys can be recovered from a single transaction clandestinely performed by a device several feet away.
Worryingly, millions, if not billions, of connected IoT endpoints are powered by chips that are vulnerable to side-channel attacks. Such unprotected silicon can be found in a wide range of electronic devices including wearables, medical equipment, vehicles, smart appliances and rapidly evolving smart city infrastructure. Fortunately, specific DPA countermeasure strategies can be employed to protect IoT devices and related infrastructure. These include techniques to minimize information leakage, generating noise to drown out leakage signals, the use of randomness to mask computational intermediates, algorithm and implementation obfuscation as well as the use of protocols designed to preserve secrecy even in the presence of (some) leakage.
Interested in learning more? The full text of “What’s Next for IoT Security?” can be found on Semiconductor Engineering here. You can also check out our DPA countermeasures page here and our article archive on the subject here.
IoT security spending to hit $348 million in 2016
Gartner analysts have confirmed that global spending on Internet of Things (IoT) security will reach $348 million in 2016 – marking a 23.7 percent increase from $281.5 million in 2015. Although overall spending is expected to be moderate, at least initially, Gartner analysts say IoT security market spending will increase at a faster rate after 2020, as improved skills, organizational change and more scalable service options improve execution.
