An ecosystem of Internet-tethered devices underpins many of the services the world relies on today. But this connectivity comes with a major caveat in that services can be brought to naught with a simple security breach. The largest ransomware attack on a major U.S. pipeline last year involved a single password leak. The breach was grave enough to force the pipeline company to temporarily halt its operations, sending fuel prices soaring for weeks.
Statista projects the total installed base of IoT-connected devices to reach 30.9 billion by 2025. Depending on the use case, a security breach can cause major disruptions or even disasters. So in the Internet of Things era, it is crucial to ensure that only trustworthy devices are connected to the Internet. This is where device authentication comes into the picture.
What Is Device Authentication and Why Is It Necessary?
Device authentication is a security framework that establishes trust in the identity of a device to protect data and restrict access. In the absence of such a system to ascertain the identity of a device and that of the user, your network, information and other devices connected to the network are all at the risk of cyberattacks and information breaches.
Here's a look at some of the challenges associated with IoT device security:
IoT devices are too diverse to have a universal standard for cybersecurity. With multiple manufacturers following different cybersecurity standards, the arena is incredibly fragmented. Security often takes a back seat in the rush to bring new devices to the market. Such a blinkered approach can make the information, devices, and networks vulnerable to security breaches and cyberattacks. The IoT devices themselves communicate with each other using a diverse set of technologies, which makes it challenging to implement standardized security methods and protocols effectively.
The limited computational ability of some IoT devices leaves little room for robust data protection and countermeasures against cyberattacks. Sometimes the devices rely on archaic legacy systems that no longer support modern security practices. Nefarious actors can exploit these vulnerabilities to circumvent firewalls, access private networks, and steal sensitive data within the system. In essence, compromised devices compromise the systems they connect to.
Poor security practices of users increase the vulnerability of their IoT systems. Weak password usage, inadequate update patches, improper device management—all fall under this category. It doesn’t matter what next-generation technology you have in place, things can still go south if the humans handling it are not wired against scams or have their guard up constantly. The Ryuk/Conti ransomware attacks on medical devices at the height of the Covid pandemic in the U.S. exploited the poor security practices of the concerned companies.
Device Authentication Methods
Devices need to establish their identity before they can exchange information with each other or with a central server. Various authentication methods enable devices to authenticate and establish their identity with the central server. Let’s look at some of the commonly used authentication mechanisms used in the IoT context.
Shared Secret Authentication (Symmetric)
Shared secret authentication is an authentication model where some shared secret data, known only to the entities involved in the communication, is used as proof of identity for authentication. Challenge-response shared secret is the most commonly used method in symmetric authentication. When a challenge (question) is posed by one party, the other party must reply with the correct response (answer) to be authenticated. Passwords are the most common shared secrets (a popular alternative being SAS tokens).
Password authentication works on the basis of a shared secret password. Devices are embedded with a serial number and password during their design. They present this serial number and corresponding password to the server they want to connect with. The server authenticates the device if this information matches the information stored on the server. When it comes to passwords, the old rule applies—the longer and more complex, the better. But given how passwords are prone to phishing and theft, an authentication method based on them is still weak.
Public Key Encryption (Asymmetric)
Public Key Encryption (PKI) involves a pair of keys, one private and one public. Devices use their respective private keys to sign digital content before relaying it to the server. In the server, the public key of those devices is used to verify the sender. Public keys require only limited protection against modification as they are designed to be disclosed. Since they can be generated by anyone, a foolproof mechanism is required to establish the identity of the public key’s owner. Maintaining a trusted and secure directory of validated public keys can help with this. Unlike public keys, private keys must be protected from disclosure. Security of private keys can be enhanced by integrating hardware security modules (HSM) with the device.
X.509 is a digital certificate used to identify and authenticate devices. It is based on public key infrastructure (PKI), a cybersecurity standard for verifying identities and ensuring the integrity of server-client interactions. A system of certificate chain—a nested structure of servers and devices that maintain a list of trusted root certificates—enables delegation of authority in issuing identity certifications. X.509-based authentication is more secure than any symmetric authentication and is the de-facto standard for authenticating IoT devices today. The downside of this authentication system is that certificates have a life cycle and have to be properly managed.
Cryptographic hardware modules make systems even more secure. Standards such as Trusted Platform Module (TPM) are accelerating the adoption of hardware-based cryptographic systems.
Hardware Security Module
Hardware Security Module (HSM) is a dedicated device for provisioning, storing, safeguarding, and managing cryptographic keys. Made of specialized hardware with limited network access, it provides a tamper-resistant environment for cryptographic operations such as encryption, decryption, and authentication. HSMs can store and evaluate digital certificates like X.509 certificates and SAS tokens. They also provide added security for device secrets over traditional memory devices. Online banking applications deploy HSMs to generate and verify PINs, validate cards, etc. HSMs can be used with any application that requires digital signing.
Trusted Platform Module
Trusted Platform Module (TPM) defines an HSM standard for secure cryptoprocessors. This standardization has helped a whole ecosystem of hardware and software tools based on TPM to flourish. Operating Systems such as Windows 11 mandate TPM 2.0 modules in the machine, fueling its adoption. TPM implementations are available as cryptographic processors from vendors such as Microchip and STMicroelectronics. TPM cryptoprocessor secures the device through integrated cryptographic functions and key management and secures devices from ransomware and firmware attacks. Tamper-proof TPM ensures that encryption and decryption of data on its host device is always safe.
Anything that can go wrong will go wrong. Nowhere does Murphy’s law apply as much as in the case of the Internet of Things. It is evident that preventing cyber attacks takes a village. But it all starts with an efficient device authentication system. Yet no technology is 100% fail-safe as Murphy's law indicates. For reasonable safety, stringent security practices and standard operating procedures have to go hand in hand with the right technology.