As industrial applications drive the next major growth phase of the Internet of Things (IoT), there are growing concerns about how the data that flows through its ecosystems is created, validated, protected, transported, shared, and analyzed. Cryptography is the foundation for addressing these issues, but many vendors concentrate on building market share by paring costs rather than implementing security. As a result, many IoT devices are inadequately protected from hacking, which threatens the security of the IoT ecosystem and other networks to which it connects.
Internet security, privacy, and authentication are not new issues, but IoT presents unique security challenges.
First, many IoT devices have limited processing power and memory, yet robust cryptography involves substantial computational power and needs memory to store temporary or permanent encryption keys.
One solution is to give every IoT device a unique and unclonable identifier by deriving it from the microscopic physical differences between silicon chips caused by manufacturing process variations across a wafer. Such an identifier can substitute for stored encryption keys, saving memory.
IoT devices with unique identifiers can communicate securely with cloud-based servers that carry out data analysis and decision-making within IoT ecosystems. However, it is critical that devices and servers can authenticate that they are communicating with legitimate members of their ecosystem. This is usually handled using digital signatures and public key infrastructure.
A central server protects the IoT network. Credit: Dr. Charles Grover
Digital signatures can also protect against denial-of-service (DoS) attacks, in which malicious actors prevent devices from working properly by creating a fake server to intercept signals sent ..
Support the originator by clicking the read the rest link below.