Why IoT crypto-agility ‘matters’ - The EE

Why IoT crypto-agility ‘matters’

Matter, a new Internet of Things (IoT) standard for home devices, exemplifies the criticality of digital trust. It does so by including an important security feature that will allow compliant devices to remain cryptographically secure for years to come: crypto-agility.

As Tim Hollebeek, industry and standards technical strategist at DigiCert, reports, Matter is a collaboration between industry giants and the Connectivity Standards Alliance (CSA), created to solve a single problem: interoperability between IoT home devices.

This is an enduring problem within the IoT. For example, one homeowner might own a smart doorbell from one vendor, a security system from another and a digital assistant from a third. However, because of the proprietary siloing between vendors, many of these devices can’t interoperate.

This undercuts the very purpose of a “smart home”: A home in which the inhabitant can seamlessly digitally operate the functions of the house.

Matter intends to give them a common language with which to speak by offering a single communication standard that offers the basic technical specification for interoperation.

Crucially, Matter allows those devices to talk securely, and it puts encrypted communications at the centre of its requirements.

Matter relies on widely recognised, strong cryptographic primitives. For example, AES and SHA-256 are used to protect confidentiality and integrity. Meanwhile, ECC on the secp256r1 curve is used for digital signatures and key exchange, among other tasks.

While these primitives are suitably strong to protect the data of Matter devices on their own, the standard anticipates the day when that might change.

The standard was expressly designed with crypto-agility in mind, to future-proof Matter devices against attacks on their encryption. As such, it abstracts all cryptographic primitives so that they can be changed without reworking the whole specification. Matter’s protocols are also designed to be modular, so that they can be replaced or updated as new threats emerge.


Given the fundamental role that certain cryptographic assets and algorithms play in the protection of data, vulnerable assets will require quick replacement to maintain secure communications.

However, replacement is often a cumbersome and slow process. Many organisations can’t replace those assets as quickly as they might need to, due to the hardware and software specifics of the underlying infrastructure. A full replacement or update of those assets often requires a significant uprooting of the infrastructure on which they run.

Crypto-agility means that cryptographic assets can be swapped quickly and without a fundamental redesign of the system around them. A system built this way can respond to threats quickly and easily.
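The following Python sketch is an added illustration of the abstraction described above; it is not code from the Matter specification or from the author. The record format and negotiation logic refer to primitives only by a suite identifier held in a registry, so a weakened MAC can be retired and a replacement negotiated without redesigning the record layout. The suite ids, the record layout and the "higher id is preferred" rule are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Callable, Dict, List, Set


@dataclass(frozen=True)
class Suite:
    """One swappable integrity primitive behind a stable wire identifier."""
    suite_id: int
    name: str
    mac: Callable[[bytes, bytes], bytes]
    tag_len: int


# Constructed registry: the ids are illustrative, not Matter's own values.
SUITES: Dict[int, Suite] = {
    1: Suite(1, "HMAC-SHA256", lambda k, m: hmac.new(k, m, hashlib.sha256).digest(), 32),
    2: Suite(2, "HMAC-SHA3-256", lambda k, m: hmac.new(k, m, hashlib.sha3_256).digest(), 32),
}
DEPRECATED: Set[int] = set()  # suites withdrawn after a weakness is found


def deprecate(suite_id: int) -> None:
    """Retire a suite: it is no longer negotiated and its records no longer verify."""
    DEPRECATED.add(suite_id)


def usable(suite_id: int) -> bool:
    return suite_id in SUITES and suite_id not in DEPRECATED


def negotiate(offered: List[int], supported: List[int]) -> int:
    """Pick the highest-numbered suite both sides support and neither has retired."""
    common = [s for s in offered if s in supported and usable(s)]
    if not common:
        raise ValueError("no usable suite in common")
    return max(common)


def protect(suite_id: int, key: bytes, msg: bytes) -> bytes:
    """Wire record: suite_id (1 byte) || tag || msg. Only the registry knows the primitive."""
    if not usable(suite_id):
        raise ValueError(f"suite {suite_id} not usable")
    suite = SUITES[suite_id]
    return bytes([suite_id]) + suite.mac(key, msg) + msg


def verify(key: bytes, record: bytes) -> bytes:
    """Read the suite id, recompute the tag with that suite, return msg or raise."""
    suite_id = record[0]
    if not usable(suite_id):
        raise ValueError(f"suite {suite_id} not usable")
    suite = SUITES[suite_id]
    tag, msg = record[1:1 + suite.tag_len], record[1 + suite.tag_len:]
    if not hmac.compare_digest(tag, suite.mac(key, msg)):
        raise ValueError("integrity check failed")
    return msg
```

Retiring suite 1 with `deprecate(1)` changes no parsing or negotiation code: old records under that suite simply stop verifying and peers converge on suite 2.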

Modern encryption

While current-generation cryptography is extremely difficult to break with current-generation computers, that may not be true in the future. Quantum computing is on the horizon and that may pose a direct threat to the very foundations of current security.

The basis of secure communication on the internet is public-key cryptography. This involves one public key and one private key. One key encrypts, and only the other can decrypt, or verify, the piece of data, message or communication in question.

This is what has kept online communications secure for decades. However, it has been theoretically breakable since 1994, when Shor’s algorithm showed that a quantum computer could be used to recover private keys, thus defeating public-key encryption.

Until now, the amount of processing power needed to run that algorithm has been prohibitive. Quantum computing will change all that.

The quantum horizon

Quantum computing has made incredible strides in recent years. That change will usher in grand new discoveries and innovations in the years to come. But it will also disrupt many of the technologies that we’ve come to rely on, such as the public-key cryptography that much of the world uses to protect its data.

This “quantum leap” can be boiled down to a seemingly simple but fundamental difference. Classical computing uses bits, each of which is either a 0 or a 1, as its basic language. Quantum computing, on the other hand, uses qubits, which can be 0, 1, or a superposition that is both at once. It is this difference that allows quantum computers to solve complex mathematical problems that would be impossible for classical computing.

According to the U.S. National Institute of Standards and Technology (NIST), a quantum computer running Shor’s algorithm will be able to defeat most of the public-key algorithms currently in use, such as RSA and elliptic curve cryptography.

Some predict that this will not be an immediate threat for a few decades yet, as quantum computing, though possible, will be difficult and expensive to realise for anyone but a handful of well-resourced actors.

Fortunately, post-quantum cryptography (PQC) is already being developed so that organisations can protect themselves from the looming threat of quantum attacks. Still, it is important to note that technology adoption cycles can be very slow, and threats can arise well before anyone has taken the steps to protect themselves from them.

Much of quantum defence will be about the ability to switch out and change encryption algorithms as and when they’re needed. That’s one of the key reasons why Matter is such a significant standard. Its crypto-agility means that home devices will be able to exchange or update their cryptographic protocols when encryption-defeating risks like quantum computing arise.


Quantum computing might not be an immediate threat for years to come, but the cryptographic protocols it threatens underpin the most fundamental parts of internet security. For that reason, breaking encryption is a goal that few adversaries would forgo, and even the most relied-upon algorithms have proven fallible under the right circumstances. Even post-quantum algorithms have been publicly defeated.

Matter is making moves in the right direction. It does so not just by providing strong encryption for home device communications, but by ensuring that, if that encryption is defeated, those devices can adjust to a changing threat landscape.

The author is Tim Hollebeek, industry and standards technical strategist at DigiCert
