Talking about the blue ocean strategy of IoT Security

Source: Internet
Author: User

0x00 Preface

In the past two years, the mobile phone market has shrunk, and global chip manufacturers are no longer able to maintain their competitiveness in the mobile phone field. IoT is the next blue ocean after mobile phones. How to implement IoT security is therefore worth thinking about for information security workers.

IoT is an emerging industry. To determine the scope of this article, it is important to know the current industry technical standards and how widely they are likely to be adopted in the future. What standards do the various vendors use for IoT chips?

What are their advantages? The following table provides answers:

 

Of course, there are also WiFi and Bluetooth technologies, but both have fatal bottlenecks, so they are not suitable for the future development of IoT technology: WiFi (no more than 16 connections to smart devices) and Bluetooth (high power, limited connection distance).

After the above analysis, Zigbee is a very costly IoT standard. Therefore, we settle on Zigbee as the subject for IoT security.

0x01 Zigbee Security Analysis

From the perspective of the convergence of the Internet and the Internet of Things, consider a design scenario: controlling the light switches at home from somewhere else. This requires a connection to the Internet, so cloud-side security also needs to be considered. White hats who have been on the battlefield need little explanation of the approach; you can study how the REST API is called. That, however, is outside the scope of this article.

Test Environment setup:

 

 

Based on the above network architecture diagram, you can start from the following aspects:

(1) Purchase a Zigbee development board to learn the communication protocol between the Zigbee Coordinator (IoT gateway) and the Zigbee End Device.

(2) Audit the source code of the Zigbee protocol stack, ZStack, for local sensitive-information storage vulnerabilities.

An introduction to the analysis tools used:

(1) Ubiqua Protocol Analyzer: this tool can decode Zigbee-related communication protocols. Wireshark can do this as well.

(2) IAR Embedded Workbench: an embedded development tool used for Zigbee IoT devices.

Zigbee principle: in fact, a 51-series (8051) microcontroller or an ARM chip on the control board receives the data returned by the acquisition device, and then sends and receives that data through the Zigbee wireless RF communication module.

The coordination function is added to the IoT gateway. The underlying layer uses the 6LoWPAN protocol for interconnection. Unlike on traditional link layers such as Ethernet and 802.11, standard IPv6 cannot be built directly on the 802.15.4 MAC layer. Therefore, an intermediate layer, the adaptation layer, must be added between the IPv6 network layer and the 802.15.4 MAC layer. The main functions of the adaptation layer are compression, fragmentation and reassembly, and mesh routing. The network layer uses IPv6, the transport layer uses TCP or UDP, and the application layer uses the socket interface. The gateway connects to WiFi through the traditional TCP/IP protocol, which realizes the interconnection between the Internet and the IoT.

Note: 6LoWPAN is the abbreviation of IPv6 over Low-power Wireless Personal Area Networks. It is an IoT standard developed by the IETF. Its physical layer and MAC layer adopt the 802.15.4 standard, the network layer uses IPv6, the transport layer uses UDP, and the application layer uses low-cost CoAP.
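The fragmentation and reassembly function of the adaptation layer, as an added example that is not part of the original article. It follows the FRAG1/FRAGN header layout of RFC 4944 and shows the checks a reassembler needs before trusting fragment fields. Assumptions: no header compression is applied, and the 96-byte fragment payload is an illustrative value.

```python
import struct

FRAG1, FRAGN = 0b11000, 0b11100      # RFC 4944 dispatch patterns (top 5 bits)

def fragment(datagram, tag, max_payload=96):
    """Split one IPv6 datagram into FRAG1/FRAGN link-layer fragments."""
    size = len(datagram)
    if not 0 < size <= 0x7FF:
        raise ValueError("datagram_size must fit the 11-bit field")
    step = max_payload & ~7          # non-final fragments carry a multiple of 8 octets
    frags = []
    for off in range(0, size, step):
        if off == 0:                 # first fragment: size + tag (4 bytes)
            hdr = struct.pack("!HH", (FRAG1 << 11) | size, tag)
        else:                        # later fragments add an offset in 8-octet units
            hdr = struct.pack("!HHB", (FRAGN << 11) | size, tag, off // 8)
        frags.append(hdr + datagram[off:off + step])
    return frags

def reassemble(frags):
    """Rebuild the datagram, rejecting inconsistent, overlapping or missing data."""
    size = tag = buf = seen = None
    for f in frags:
        if len(f) < 4:
            raise ValueError("truncated fragment header")
        word, ftag = struct.unpack("!HH", f[:4])
        kind, fsize = word >> 11, word & 0x7FF
        if kind == FRAG1:
            off, data = 0, f[4:]
        elif kind == FRAGN and len(f) >= 5:
            off, data = f[4] * 8, f[5:]
        else:
            raise ValueError("not a valid fragment")
        if size is None:             # first fragment seen fixes size and tag
            size, tag = fsize, ftag
            buf, seen = bytearray(size), bytearray(size)
        if (fsize, ftag) != (size, tag):
            raise ValueError("datagram_size/tag mismatch")
        end = off + len(data)
        if not data or end > size:   # never write past the announced size
            raise ValueError("fragment outside datagram_size")
        if any(seen[off:end]):
            raise ValueError("overlapping fragment")
        buf[off:end] = data
        seen[off:end] = b"\x01" * len(data)
    if size is None or not all(seen):
        raise ValueError("incomplete datagram")
    return bytes(buf)
```

A 1280-byte datagram (the IPv6 minimum MTU) splits into 14 fragments at this payload size, which is why IPv6 cannot sit directly on the 802.15.4 MAC layer.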

It is also necessary to understand how the security part of the Zigbee protocol is implemented.

Zigbee encryption technology has two considerations:

(1) Network transmission architecture

(2) Encryption and decryption security mechanism

 

 

 

/* Default security key. */

-DDEFAULT_KEY="{0x01, 0x03, 0x05, 0x07, 0x09, 0x0B, 0x0D, 0x0F, 0x00, 0x02, 0x04, 0x06, 0x08, 0x0A, 0x0C, 0x0D}"

 

 

Of course, for a Zigbee device that has already been developed, you still need to decompile the firmware to find the encryption key.

Encryption used: symmetric-key encryption and decryption with 128-bit AES.

 

 

Master Key: used together with the Zigbee Symmetric-Key Key Establishment (SKKE) process to derive other keys. That is, a device must hold the CMK generated by the trust center (the one and only trusted device in a Zigbee network, responsible for key distribution and management and for establishing and maintaining the network) before it can derive the network key and link keys with other devices. It can be set by the trust center or be based on the user's access data, such as a personal identification number (PIN), password, and other information.

Network Key: used to protect the confidentiality and integrity of broadcast and group data. It also protects network authentication and is shared by multiple devices on the network; it is only used in broadcast messages.

Link Key: used to protect the confidentiality and integrity of unicast data between two devices. It is held only by the two communicating devices; a single device requires multiple link keys to protect each end-to-end session.

0x03 How to prevent attacks against the Zigbee protocol?

Research shows that the current Zigbee protocol is still relatively secure, and a network sniffer cannot crack the AES-128 encryption. The only way to crack it is to find the default key in the firmware and work from there.

For how to prevent firmware cracking, refer to the ideas used for WiFi firmware cracking; this article does not discuss it further. However, for an information security worker, it would be great to build a security SDK integrated into the IoT gateway, or to burn the code directly into the hardware chip, similar to an "XX IoT security inside". Currently, no major security vendor has a related product plan.
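Since the default key is the weak point identified above, a vendor can check for it before shipping. The following is an added example, not code from the original article or from ZStack: it parses a `-DDEFAULT_KEY` line in the form quoted earlier, flags the published default and trivially patterned keys, and checks whether the key bytes sit verbatim in a firmware image. The function names and the sample configuration are constructed for illustration.

```python
import re

# Default key exactly as quoted in the configuration excerpt on this page.
PAGE_DEFAULT_KEY = bytes([0x01, 0x03, 0x05, 0x07, 0x09, 0x0B, 0x0D, 0x0F,
                          0x00, 0x02, 0x04, 0x06, 0x08, 0x0A, 0x0C, 0x0D])

KEY_RE = re.compile(r'-DDEFAULT_KEY\s*=\s*"?\{([^}]*)\}"?')

# Constructed sample of a build configuration (not a real project file).
SAMPLE_CFG = '''/* Default security key. */
-DDEFAULT_KEY="{0x01, 0x03, 0x05, 0x07, 0x09, 0x0B, 0x0D, 0x0F, 0x00, 0x02, 0x04, 0x06, 0x08, 0x0A, 0x0C, 0x0D}"
'''

def parse_default_key(cfg_text):
    """Return the key bytes from the first -DDEFAULT_KEY line, or None."""
    for line in cfg_text.splitlines():
        line = line.strip()
        if line.startswith(("//", "/*", "#")):   # ignore comment lines
            continue
        m = KEY_RE.search(line)
        if m:
            return bytes(int(p, 16) for p in m.group(1).split(",") if p.strip())
    return None

def audit_key(key):
    """Return a list of findings; an empty list means no issue was detected."""
    if key is None:
        return ["no DEFAULT_KEY defined"]
    findings = []
    if len(key) != 16:
        findings.append("key is %d bytes, AES-128 needs 16" % len(key))
    if key == PAGE_DEFAULT_KEY:
        findings.append("key is the published default")
    if len(set(key)) <= 2:
        findings.append("key is a repeated-byte pattern")
    if len(key) > 1 and len({(b - a) % 256 for a, b in zip(key, key[1:])}) == 1:
        findings.append("key is a simple counting sequence")
    return findings

def firmware_contains_key(image, key):
    """True if the key bytes appear verbatim in a firmware image (bytes)."""
    return key in image

if __name__ == "__main__":
    for finding in audit_key(parse_default_key(SAMPLE_CFG)):
        print("FINDING:", finding)
```

An empty result only means none of these specific patterns matched; it does not show that the key was generated randomly or is stored safely on the device.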
