Security in the IoT is one the main concerns for municipalities as Smart Cities projects start being a reality. In the next article, we will expose what is the security proposal developed by Libelium for its sensor devices and gateways: Waspmote, Plug & Sense! and Meshlium
In the current article we get into the four main features of Security:
- Privacy: ensure that only the desired sensor devices and gateways are part of the network
- Authenticity: ensure that the supposed sender is the real sender
- Confidentiality: ensure that the data is only readable by the proposed destination
- Integrity: ensure that the information contained in the original message is kept intact
Gateway to Cloud (Secure Web Server – SSL-HTTPS-SSH) [Encryption Level 4 – E4]
The Gateway (Meshlium) use SSL certificates to send the information to the different Cloud Servers. It is the same security scheme as we use with our browsers when we connect to our bank website.
Most common combination scenarios:
- E1 + E2 + E4
- E1 + E3 + E4
The most secure scenario would be the one using a combination of all of them: E1 + E2 + E3 + E4 although it would reduce the payload (we would be sending fewer bytes of information per packet).
Key Renewal (Asymmetric Encryption) [Encryption Level 5 – E5]
Prior to starting with the software encryption with AES 256, we need to share a key between each node (origin) and the Gateway or the Cloud Server (destination). To do so we can encrypt the new key using RSA 1024 using both Public/Private keys. This way, we ensure authentication, confidentiality and message integrity (as we add also a seed along with the key to generate randomness in the packet transmission). Once we get the shared key we will use it to start encrypting the sensor information as seen in the previous diagram as AES it ensures the maximum performance and and minimum message overload.
The same process is done when we want to renew the AES key.
Common security issues solved with these 5 Encryption Levels:
- Access Control (Privacy)By using AES 128 in the link layer we ensure that only nodes with the shared key can access to the routing capabilities of the sensor network. If a strange node sends a message to the network the message will be discharged in the first hop so no extra communication resources will be used. The AES 128 algorithm is implemented in the same radio using specific hardware, for this reason, the information will be automatically discarded and not even send to the microcontroller. This provides an extra layer of security as the main control unit of the node will not be interrupted from performing basic tasks or event not awaken from the sleep mode (what ensures optimum energy usage).
By using its own private keys (AES / RSA) each node ensures the authenticity of the of origin. The Gateway or the Cloud may store all the public and shared keys of the devices so that they can check the packet has been sent by the supposed origin.
- Data Confidentiality
By doubling encryption of the messages we ensure that first that only the nodes which form part of the network can see the general routing packets (AES 128 in the link layer) and after that, we establish an encryption tunnel by direct P2P encryption between origin and destination (using AES 256).
- Data Integrity
The new library uses hash algorithms such as MD5 and SHA to create the checksum of the message and to ensure that the final information received correspond with the original sent.
- Data Freshness (avoiding packet injection)
Each packet has an exclusive seed which protects the gateway from receiving several identical packets which could be injected from a third party.
By signing the messages with RSA keys we have also the legal proof that the information sent really was sent by a specific sensor node and not by other. Important in the future when all the sensitive sensor information has to be legally approved.
If you are interested in purchase information, please contact us.