Abstract
Cryptography is an essential part of network security. But using it effectively requires understanding the context, the processes and the threats. The article explains basic cryptographic concepts like key agreement protocols and certificates, and how they fit into the context of smart embedded appliances networks. The problem of secure key distribution and its consequences for commissioning procedures is explored in higher detail. The final part explains how systems are broken into, despite cryptography, and what to do about it.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
http://heise.de/-1517754 (in German)
- 2.
The other reason is that hacking GSM requires hardware modifications and expert knowledge because easily downloadable software and instructions are not available as of 2012. GSM hacks are therefore rare and covered by mainstream media only in connection with intelligence services (“IMEI-catcher”).
References
P. Degauque, P. Laly, V. Degardom, M. Lienard and L. Diquelou, “Compromising Electromagnetic Field Radiated by In-House PLC Lines,” in GLOBECOM 2010, 2010.
A. Avizienis, J.-C. Laprie, B. Randell and C. Landwehr, “Basic Concepts and Taxonomy of Dependable and Secure Computing,” IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 1, pp. 11–33, 2004.
ZigBee Alliance, ZigBee Smart Energy Profile Specification, San Ramon, CA: ZigBee Standards Organization, 2008.
B. Schneier, Applied Cryptography, New York: John Wiley & Sons, 1996.
NIST, “NIST SP 800-57 - Recommendation for Key Management,” National Institute of Standards and Technology, 2007.
J. Großschädl, A. Szekely and S. Tillich, "The energy cost of cryptographic key establisment in wireless sensor networks," in ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security, ACM, 2007.
NIST, “NIST IR 7628 - Guidelines for Smart Grid Cyber Security,” National Institute of Standards and Technology, 2010.
S. Gollakota, N. Ahmed, N. Zeldovich and D. Katabi, “Secure in-band wireless pairing,” in SEC'11 Proceedings of the 20th USENIX conference on Security, Berkeley, 2011.
S. Mahlknecht, M. Damm and C. Grimm, “A Smartcard Based Approach for a Secure Energy Management Node Architecture,” in Industrial Informatics (INDIN), 2010.
A. D. Rubin, “All Your Devices Can Be Hacked (Invited Talk),” in TEDx MidAtlantic, Washington DC, 2011.
J.-P. Katoen, I. Zapreev, E. Hahn, H. Hermanns and D. Jansen, “The Ins and Outs of the Probabilistic Model Checker MRMC,” in Sixth Internatinal Conference on the Quantitative Evaluation of Systems QEST '09, 2009.
B. Schneier, Beyond Fear, New York: Copernicus Books, 2003.
Acknowledgments
Thanks go to Christian Krieg for his inputs and contribution.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Acronyms
- AES
-
Advanced Encryption Standard – widely used cipher
- DES
-
Data Encryption Standard – precursor to AES
- DH
-
Diffie-Hellman key agreement – early asymmetric algorithm
- DSA
-
Digital Signature Algorithm – similar to RSA
- DRM
-
Digital Restrictions Management
- ECC
-
Elliptic Curve Cryptography
- ECDH
-
Diffie-Hellman key agreement using ECC
- ECDSA
-
Digital Signature Algorithm using ECC
- ECMQV
-
Menezes-Qu-Vanstone key agreement using ECC
- GSM
-
Global System for Mobile Communication – cellular phone standard
- ID
-
Identification – typically an ID number
- MAC
-
Media Access Control – protocol layer of a typical networking stack
- MD5
-
Message Digest Algorithm 5 – hash function
- MITM
-
Man in the Middle Attack
- MQV
-
Menezes-Qu-Vanstone – authenticated key agreement protocol
- NFC
-
Near Field Communication – upcoming wireless technology
- PGP
-
Pretty Good Privacy – email encryption package
- PIN
-
Personal Identification Number – numeric password
- PKCS
-
Public Key Cryptography Standards – smart card technology standard
- RSA
-
Rivest-Shamir-Adleman – asymmetric cryptographic algorithm
- SHA1
-
Secure Hash Algorithm 1 – hash function
- SIM
-
Subscriber Identity Module – cryptographic module of cellular phones
- SSL
-
Secure Socket Layer – protocol suite used in the World Wide Web
- TLS
-
Transport Layer Security – successor to SSL
- WEP
-
Wire Equivalent Protection – failed security standard for Wi-Fi
- WPA
-
Wi-Fi Protected Access – successor to WEP
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media New York
About this chapter
Cite this chapter
Holleis, E. (2013). Smart Embedded Appliances Networks – Security Considerations. In: Grimm, C., Neumann, P., Mahlknecht, S. (eds) Embedded Systems for Smart Appliances and Energy Management. Embedded Systems, vol 3. Springer, New York, NY. https://doi.org/10.1007/978-1-4419-8795-2_5
Download citation
DOI: https://doi.org/10.1007/978-1-4419-8795-2_5
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4419-8794-5
Online ISBN: 978-1-4419-8795-2
eBook Packages: EngineeringEngineering (R0)