Go to
Pankaj Rohatgi
Practical challenges in IoT security and privacy
Superficially the security challenges in designing and deploying IoT devices and systems appear similar to those inherent in the design and deployment of other embedded systems. However, in our interactions with IoT vendors, we have found that the unique characteristics and diversity of this market create many practical challenges when trying to shoehorn existing security solutions into this space. This challenges provide an opportunity for researchers and practitioners to create novel solutions that better target this market. In this position paper, I will highlight three areas where innovation is needed.
The first area is secure key/trust provisioning and lifecycle management. The IoT market shares with other markets the challenges of low-cost secure provisioning of keys into ICs during manufacturing in untrusted environments, to establish a root-of-trust. However, diversity of the ecosystem requires rethinking of typical hierarchical delegation and trust models associated with these keys across the product lifecycle. A typical IoT chipset maker, supplies the same chip to a large number of IoT device markets and applications. For example, the same chip could be sold to device makers in multiple markets, such as smart-meter/smart-grid, industrial transportation, or industrial control. These devices are then purchased and owned by some other entity. The connectivity aspect of IoT means that the owner or even some other service provider entity, communicates with and controls these devices, for a particular IoT application. Trust models derived from the chip’s root-of-trust requiring significant co-ordination between chip makers, device makers, owners and service providers will clearly not work in this space. A second area of innovation is around security renewability. Clearly, for devices that are long lasting in the field, support for essential security renewability such as code updates and security patches is required. This, by itself, has practical co-ordination challenges as multiple entities contribute towards the code running in these systems. However, the IP connectivity of these devices also means that the system has to be designed to allow for secure updates of keys used by the device for communication, provenance, etc if the protocols and keys held by server/cloud infrastructure that are managing these devices get compromised. A third area of innovation is around privacy. An IoT device may provide information and/or service to multiple service providers and the privacy of the device owner needs to be maintained despite the need for device and device data authentication.
About the panel speaker:
Pankaj Rohatgi, is currently a Security Technology Fellow at Rambus Cryptography Research Division where he leads the research and development efforts around Cryptography Research’s hardware security products and solutions in the areas of Content Protection, Anti-counterfeiting, Secure Provisioning and Side-Channel Resistance. From Aug 1996 - July 2009, Dr. Rohatgi was a Research Staff Member at IBM's T. J. Watson Research Center where he also managed the Information Security Group. From 1993 to 1996 he was the security architect for the OpenTV operating system at Thomson R&D labs and at a Thomson/Sun Microsystems joint venture. Dr. Rohatgi has conducted basic research in several areas of applied cryptography, system and network security, privacy and secure hardware. He also worked and consulted on several security and cryptographic products. His research interests include side-channel cryptanalysis, applied cryptography, network and systems security and embedded systems. He has published over 40 technical articles and holds several patents. He was awarded two Outstanding Innovation Awards by IBM for his contributions to Side Channel Analysis and to the Security of IBM's System S and is the recipient of Pat Goldberg Memorial Best Paper Award in 2007. His professional activities include serving as the Program Co-chair of CHES 2008 and CARDIS 2013, and in numerous program committees for security conferences, serving on standards organization such as the W3C, IRTF and IETF. He received his Ph.D. from Cornell University in 1994.
Secondary navigation
- EPFL Workshop on Logic Synthesis and Emerging Technologies
- Luca Amaru
- Luca Benini
- Giovanni De Micheli
- Srini Devadas
- Antun Domic
- Rolf Drechsler
- Pierre-Emmanuel Gaillardon
- Jie-Hong Roland Jiang
- Akash Kumar
- Shahar Kvatinsky
- Yusuf Leblebici
- Shin-ichi Minato
- Alan Mishchenko
- Vijaykrishnan Narayanan
- Ian O'Connor
- Andre Inacio Reis
- Martin Roetteler
- Julien Ryckaert
- Mathias Soeken
- Christof Teuscher
- Zhiru Zhang
- Symposium on Emerging Trends in Computing
- Layout synthesis: A golden DA topic
- EPFL Workshop on Logic Synthesis & Verification
- Luca Amaru
- Luca Benini
- Robert Brayton
- Maciej Ciesielski
- Valentina Ciriani
- Jovanka Ciric-Vujkovic
- Jason Cong
- Jordi Cortadella
- Giovanni De Micheli
- Antun Domic
- Rolf Drechsler
- Henri Fraisse
- Paolo Ienne
- Viktor Kuncak
- Enrico Macii
- Igor Markov
- Steven M. Nowick
- Tsutomu Sasao
- Alena Simalatsar
- Leon Stok
- Dirk Stroobandt
- Tiziano Villa
- Symposium on Emerging Trends in Electronics
- Raul Camposano
- Anantha Chandrakasan
- Jo De Boeck
- Gerhard Fettweis
- Steve Furber
- Philippe Magarshack
- Takayasu Sakurai
- Alberto Sangiovanni-Vincentelli
- Ken Shepard
- VENUE
- Panel on Circuits in Emerging Nanotechnologies
- Panel on Emerging Methods of Computing
- Panel on The Role of Universities in the Emerging ICT World
- Panel on Design Challenges Ahead
- Panel on Alternative Use of Silicon
- Nano-Bio Technologies for Lab-on-Chip
- Functionality-Enhanced Devices Workshop
- More Moore: Designing Ultra-Complex System-on-Chips
- Design Technologies for a New Era
- Nanotechnology for Health
- Secure Systems Design
- Surface Treatments and Biochip Sensors
- Security/Privacy of IMDs
- Nanosystem Design and Variability
- Past Events Archive