Sweet dreams and nightmares: Security in the internet of things

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Authors

Colleges, School and Institutes

External organisations

  • Universitat Bochum

Abstract

Wireless embedded devices are predominant in the Internet of Things: Objects tagged with Radio Frequency IDentification and Near Field Communication technology, smartphones, and other embedded tokens interact from device to device and thereby often process information that is security or privacy relevant for humans. For protecting sensitive data and preventing attacks, many embedded devices employ cryptographic algorithms and authentication schemes. In the past years, various vulnerabilities have been found in commercial products that enable to bypass the security mechanisms. Since a large number of the devices in the field are in the hands of potential adversaries, implementation attacks (such as side-channel analysis and reverse engineering) can play a critical role for the overall security of a system. At hand of several examples of assailable commercial products we demonstrate the potential impact of the found security weaknesses and illustrate "how to not do it".

Details

Original languageEnglish
Title of host publicationInformation Security Theory and Practice. Securing the Internet of Things
Subtitle of host publication8th IFIP WG 11.2 International Workshop, WISTP 2014, Heraklion, Crete, Greece, June 30 – July 2, 2014. Proceedings
EditorsDavid Naccache, Damien Sauveron
Publication statusPublished - 30 Jun 2014
Event8th IFIP WG 11.2 International Workshop on Information Security Theory and Practice: Securing the Internet of Things, WISTP 2014 - Heraklion, Crete, Greece
Duration: 30 Jun 20142 Jul 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8501 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Conference

Conference8th IFIP WG 11.2 International Workshop on Information Security Theory and Practice: Securing the Internet of Things, WISTP 2014
CountryGreece
CityHeraklion, Crete
Period30/06/142/07/14