Hi, I'm Matthew Clark. This is Lesson 4.5, Encryption.
In this video, we're going to discuss the role of identity,
including identity considerations and life cycle.
We're going to discuss trust anchors and cryptography, including symmetric and asymmetric encryption.
Let's start by talking about the relationship between identification and authentication.
Identification is a requirement for authentication. You simply cannot authenticate what you cannot first identify, and authentication proves an identity assertion.
This is where identity management comes into play.
Identity management is important to being able to protect IoT devices and the other components in the IoT system
by having a secure manner in order to prove the identity.
Proving identity requires protecting credentials, regardless of the type of identity or credentials that are used. In our previous lesson, we conducted a case study of an IoT smart home hub, where identity was nothing more than the serial number, and no authentication or verification was made of that identity claim
before the ecosystem delivered sensitive information.
So let's talk a little bit about identity lifecycle,
and what this is is a drawing that kind of attempts to demonstrate the different types of identities that an IoT device can have and the uses for those identities.
So as you can see, there's many different identities that a device could potentially have, and all of those need to be securely provisioned and protected throughout the life cycle of the device.
A single device could have all kinds of different types of identity, such as one identity used by the silicon manufacturer during supply chain use, and another identity that's used by the OEM for distribution.
A new identity could be created and used by the customer who's using the device.
The OEM may choose to preload the public certificate of the update service,
which would enable the IoT device to perform cryptographic verification and encryption of a new firmware image. And certainly, ownership changes and end-of-life activities would need to have these identities securely removed.
So let's talk a little bit about cryptography. This discussion of identity and authentication is a natural lead into a conversation about encryption. Cryptography is generally used to achieve security services. It's a key component in establishing a root of trust.
Symmetric encryption can be used for secure communication, assuming there's a mechanism in place for the secure key exchange
and asymmetric encryption could be used to identify, establish identity and provide authentication services,
while hashing algorithms could be used to prove the integrity of boot loaders, kernels, hypervisors, operating systems and applications prior to execution.
So hopefully we've established in previous lessons that when it comes to identity and authentication, asymmetric encryption using a PKI with verifiable certificates and keys is the best method. And I'll try to absolutely hold to that.
However, this is the real world, and there are instances where it just doesn't make sense to ship a device with a preloaded identity certificate.
This is where trust anchors come into existence.
NIST 800-63 defines a trust anchor as a public or symmetric key that is trusted because it is directly built into hardware or software, or securely provisioned via out-of-band means, rather than because it's vouched for by another trusted entity,
for example, in a public key certificate.
Much like ships use an anchor to keep from drifting at sea, IoT devices can use trust anchors to keep their identity from being lost in the endless ocean of the Internet.
A common example of a trust anchor that many people may not realize is SIM cards used by cell phones.
SIM cards were used to authenticate phone numbers.
A SIM card could be moved from one device to another, and the new phone will suddenly act like the previous phone, accepting incoming messages bound for that phone number and sending and receiving calls on that phone number.
Privileged Access Management, or PAM, works the same way. An unknown IoT device can receive an identity certificate because the PAM, which serves as the provisioning solution, receives an expected trust anchor, which contains identifying information about the IoT device, most likely via token.
IoT devices can use trust anchors, which could be inserted into devices during manufacturing, and then have their identities provisioned after leaving the factory.
So let's review the basics of encryption. This is only meant to be a refresher. This is too fast and too shallow of a discussion to be meant to be a basis to learn the concepts for the first time.
Symmetric encryption has a single shared key,
and symmetric keys do not prove identity by themselves. You cannot be certain that only authorized parties are using that key.
Now the symmetric encryption is generally strong. Of course, in all encryption, the strength really comes down to the protection of the key and the mathematics of the algorithm and strength of the key.
I've worked with encryption most of my career, and I've never had to worry about the mathematics of encryption.
If you use common open standards, you'll be fine generally. You know, watch the news and keep up with that.
But the strength of the key is something that you need to understand. Stronger keys should require increasing technology and sophistication and processing power in order to brute force them.
You can always circumvent the security of the encryption algorithm, not by attacking the algorithm itself, but by attacking the way an application uses that encryption.
And we see, you know, successful attacks out there, not by people breaking encryption, but by breaking an application that just has a vulnerable implementation of it.
Symmetric encryption provides really fast encryption.
Um, it requires an out of band key exchange, and you have to have all the keys that you want to use ahead of time, or you have to find another way to exchange them.
And, of course, symmetric can lead to having many keys. So here's the classic formula that's required for determining the number of symmetric keys that you need. And because of all this, many people just do the easiest thing.
The easiest thing being, everyone gets the same key. It's like watching an Oprah gift giveaway where everyone gets the same key. You get the key and you get the key and the pet dog gets the key and give a copy of the key to the mailman and so forth and so on.
This happens when the OEM decides to reduce complexity and embed a non-unique symmetric key directly in the silicon of each device.
If you compromise this key, then you compromise the entire system.
On the other side, we have asymmetric encryption, and this relies on public key infrastructure,
which means that an OEM has to rely on a third party or they have to stand up one for themselves, which is not quick or easy or cheap.
There are benefits to asymmetric encryption in that the number of overall keys is reduced and that there's a way to exchange keys.
It also provides for mutual authentication. An IoT device knows that the server is trusted, and the server knows that the IoT device is authentic.
Asymmetric encryption is the de facto standard for establishing identity,
and there are other methods that we've discussed that work to establish identity. But this is one of the strongest choices that we have, given that the PKI and device hardware environment is secure.
Well, that's it for this lesson.
So in this lesson, we started with identity and talked about how it relates to the IoT life cycle. We moved on to trust anchors and why they're important to a root of trust, and we took a really brief trip into the mysterious world of encryption.