Implementing BLE Security in IoT Applications (.PDF Download)

Oct. 2, 2018

One of the biggest challenges while designing Internet of Things (IoT) applications is security. IoT devices talk over the air and can potentially expose all control and status information, as well as private user data. Instead of making lives easier, unsecured IoT devices potentially put human life and assets at risk. Imagine someone hacking into a home lighting control system to track when users are home and then breaking into the house. Or imagine someone trying to forge your identity and use it to open your smart lock.

Three things must be implemented to secure IoT devices:

Mechanism to hide device's identity from unauthorized devices: Identity protection is essential to safeguard users from someone tracking their physical location. Without sufficient protection, IoT devices put users at risk of a privacy breach and possible physical or financial threat. It’s similar to someone following you based on your car's registration number.

Protection against passive eavesdropping: Passive eavesdropping is the process of listening to private communications between two devices. A passive eavesdropper quietly listens to communications and doesn’t alter the data. One such example is shown in Figure 1. Here, Pushek and Sachin are trying to have a private communication and a passive eavesdropper, Ashish, is listening to the communication without their knowledge.

Protection against man-in-the-middle attacks: Man-in-the-middle (MITM) attacks are the most serious among all security threats. In this case, a third device called the MITM attacker not only listens to the private communication between two devices, but can mimic either device and alter the data. Figure 2 shows one such example.

Hiding Device Identity from Unauthorized Devices

Bluetooth Low Energy (BLE) devices use a 48-bit address. If this address can be decoded by another device, that device can track the presence of the device. BLE makes it difficult for an untrusted device to track a device by its address by changing the address frequently. This is done using an Identity Resolving Key (IRK) that’s available only to trusted devices. An IRK is shared between trusted devices during the pairing process after the link is encrypted. It’s then stored internally as part of the bonding process. A frequently changing address of this kind is called a Resolvable Private Address (RPA).
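The following added example (not code from the article) shows how an IRK ties a changing address to one device: it generates an RPA and checks whether a given address resolves under a given IRK. The address layout (a 24-bit prand with top bits 0b01, followed by a 24-bit AES-128 hash called `ah`) comes from the Bluetooth Core Specification rather than from this page; AES is written out only so the block runs without third-party libraries, and the names `aes128_encrypt`, `make_rpa` and `resolve_rpa` are this example's own.

```python
# Added illustration, not the article's code: build and resolve a BLE RPA.
import hmac, secrets

def _xtime(a):  # multiply by x in GF(2^8) modulo the AES polynomial
    return (a << 1) ^ 0x11B if a & 0x80 else a << 1

def _build_sbox():  # walk p (powers of 3) and its inverse q, then apply the affine map
    box, p, q = [0x63] * 256, 1, 1
    while True:
        p ^= _xtime(p)  # p *= 3
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q &= 0xFF
        q ^= 0x09 if q & 0x80 else 0  # q /= 3, so p * q == 1
        d = q | q << 8  # doubled byte: (d >> (8 - n)) & 0xFF is q rotated left by n
        box[p] = ((q ^ d >> 7 ^ d >> 6 ^ d >> 5 ^ d >> 4) & 0xFF) ^ 0x63
        if p == 1:
            return box

SBOX = _build_sbox()
def aes128_encrypt(key: bytes, block: bytes) -> bytes:
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):  # key schedule: 44 words make 11 round keys
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    rk = [sum(w[4 * r:4 * r + 4], []) for r in range(11)]
    s = [a ^ b for a, b in zip(block, rk[0])]
    for r in range(1, 11):
        s = [SBOX[b] for b in s]
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]  # ShiftRows
        if r < 10:  # MixColumns, skipped in the final round
            s = [c[i] ^ c[0] ^ c[1] ^ c[2] ^ c[3] ^ _xtime(c[i] ^ c[(i + 1) % 4])
                 for c in (s[j:j + 4] for j in range(0, 16, 4)) for i in range(4)]
        s = [a ^ b for a, b in zip(s, rk[r])]
    return bytes(s)

def ah(irk: bytes, prand: bytes) -> bytes:  # AES(IRK, zero padding || prand) mod 2^24
    return aes128_encrypt(irk, bytes(13) + prand)[-3:]

def make_rpa(irk: bytes) -> bytes:  # 6 address bytes, most significant first
    r = 1 + secrets.randbelow(0x3FFFFE)  # 22 random bits, never all 0 or all 1
    prand = (0x400000 | r).to_bytes(3, "big")  # top bits 0b01 mark a resolvable address
    return prand + ah(irk, prand)

def resolve_rpa(irk: bytes, addr: bytes) -> bool:  # True only under the matching IRK
    return (len(addr) == 6 and addr[0] >> 6 == 0b01
            and hmac.compare_digest(ah(irk, addr[:3]), addr[3:]))
```

A device without the IRK sees only six bytes that change each time `make_rpa` is called, while a bonded peer runs `resolve_rpa` against each IRK it has stored to recognise the device.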
