This article is based on a guest lecture delivered at the Technical University of Denmark.
I’m an IoT researcher with more than 10 years of experience in low-power wireless networks and embedded systems. In the early days, often our main goal was to make things work at all. Security was an afterthought; besides the fact that many of the first uses of IoT were in “toy” applications, few people were even aware of the existence of these low-power wireless sensor networks, and fewer still had the means to attack them. Now, IoT becomes more and more widely used, and we start to make important decisions based on data coming from these low-cost low-power devices, IoT security must become now a sharp point of focus. Otherwise, our field risks to obtain and keep a troubled and untrustworthy reputation.
The problem is hard as IoT networks are vulnerable to all of the usual security threats affecting other, more traditional computer networks. On top of that, they are more severely vulnerable or additionally vulnerable to specific attacks, such as sniffing and jamming.
What is an IoT network?
“Internet of Things” has many definitions. Here are some of my favorite:
- “A network of Internet connected objects able to collect and exchange data.” (source)
- “A system of interrelated computing devices, mechanical and digital machines provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.” (source)
Clearly, networking is an essential aspect of IoT. Personally, I define an IoT network simply as a network of low-power wireless devices that may or may not be connected to the Internet.
The applications of IoT include industrial monitoring and control (Industry 4.0), smart homes, smart cities, smart agriculture, as well as many use cases for healthcare and fitness, for example, in the form of body area networks composed of wearable sensors. Applications are also emerging for wireless in-car and in-airplane networks (for example, for on-board entertainment).
The technologies used in IoT networks include both traditional WiFi and cellular communications and more specific protocols:
- Short range protocols: IEEE 802.15.4, Bluetooth and Bluetooth Low Energy (BLE), and for some applications WiFi. While there are “low power” WiFi devices, the dedicated low-power protocols usually are better choice for battery powered devices, as its difficult to conform to the WiFi standards while saving a lot of energy. These are mainly used in body area, healthcare/fitness and smart home applications, as well as in industrial automation.
- Long range protocols: LoRa/LoRaWAN, NB-IoT, Sigfox, IEEE 802.15.4g, IEEE 802.11ah (“WiFi HaLow”). These are mainly used in smart agriculture, smart city, and smart home applications.
Wireless communication usually uses electromagnetic waves as the communication medium. (Some other options are available, such as wireless communication using electric field or magnetic field alone, and wireless communication using sounds.) IoT devices typically use the 2.4 GHz band for short range network and 433, 868 or 915 MHz bands for longer range networks. The range is longer, but the achievable data rates are lower in the sub-GHz land.
An issue with the 2.4 GHz band is that its overloaded by signals. It is also heavily used by WiFi networks, as well as both by Bluetooth and IEEE 802.15.4 IoT networks. To sidetrack a bit: the 2.4 GHz is not so heavily used because it is free, and not because it is such a good frequency band — in contrast, this band is in fact bad for communication! It has a local maxima for absorption of electromagnetic waves by water vapor, hence, establishing long open-air radio links in the 2.4 GHz band is a bad idea. (The high interaction with water is also the reason why the 2.4 GHz frequency is used by microwave ovens — another device class which is “competing” for wireless spectrum in our homes and offices, albeit in the form of accidental and undesired leakage of electromagnetic radiation.) In fact, most of the frequency bands that are “bad” in some way (for example, with relatively high absorption by water vapor or by oxygen) are marked as free by international standard organizations. They are called ISM — industrial, scientific and medical — bands. Some of them, such as the 2.4 GHz band are free worldwide, others such as 868 MHz band are local to a region. As the name “ISM” implies, the original intention was to keep them for uses not related to communication; however, that ship has sailed long ago.
The communication technologies competing for the 2.4 GHz band don’t use the whole band at once. Instead, they separate it in channels. The sender and receiver devices must be on the same channel in order to communicate. The number of the channels depend on the technology:
- WiFi: 13–14 channels (for 20 MHz channels, fewer for larger channels)
- Bluetooth Classic: 79 channels
- Bluetooth Low Energy (BLE): 40 channels
- 6LoWPAN: 16 channels
This gives opportunities for coexistence between multiple technologies, as it unlikely that a single technology is going to occupy all of the channels at once.
Sniffing is another name for eavesdropping — picking up signals not meant for you. Wireless communication makes sniffing much easier, as the attacker may do the attack remotely.
Sniffing can be countered by encryption. However, even if encryption is enabled, opportunities for side-channel attacks remain:
- Signal strength correlates with the distance to the transmitter → location information becomes available; the variability of signal strength over time correlated with the movement patterns of the transmitter →signal variability can be used to determine the current activity of the human wearing the transmitter device, for example!
- Packet sizes may encode information about the traffic, such as the types of events being reported over the encrypted connection.
- Periods between packets may encode the dynamics of the processes being monitored.
It may be tricky to sniff packets if the communication protocol uses multiple channels to communicate. Channel hopping is necessary to remain on the same channel as the transmitter. This is the main drawback of narrow-band sniffing. However, this kind of sniffing can can be done using any device with an appropriate transceiver — no dedicated hardware is needed.
Using a software-defined radio (SDR) it may be possible to sniff the whole frequency band and decode all packets being transmitted on specific channels. This wide-band sniffing is a nontrivial task for sure, but one feasible in theory. SDR come in multiple price and capability levels — starting from simple ones like the RTL-SDR dongle (~25 USD), to HackRF (a couple hundred USD) to the more professional USPR (a couple thousand USD). If you’re a protocol developer or a serious hacker, you might even buy a dedicated wide-band Bluetooth sniffer that works out of the box (and costs a couple tens of thousands of USD).
In a jamming attack, the attacker interferes with the connection between the IoT devices. All wireless signals are vulnerable to jamming, however, IoT devices are especially vulnerable due to their low transmission power. For example, a typical transmission power for a WiFi device is 14 to 17 dBm (decibel-milliwatts). In contrast, IoT devices typically transmit at 0 dBm to 5 dBm — an order of magnitude difference. As a result, it is easy to drown the signal coming from an IoT transmitter even with a commodity WiFi hardware.
There is a number of techniques how to counter jamming (as well as unintentional, benevolent cross-protocol interference):
- Simple repetition, where the same data may be transmitted multiple times at different points of time;
- Frequency diversity, where the same data may be transmitted at different frequencies (i.e. channels);
- Spatial diversity, where multiple nodes at different positions may transmit the same data;
- Polarization diversity, where multiple antenna polarizations are used;
- Coding redundancy, where on-the-air data is encoded in a way that allows to reconstruct the packet even if parts of it are corrupted.
However, a sufficiently advanced attacker will always be able to simply drown the communication within an IoT network using a sufficiently wide-band, sufficiently long and sufficiently strong jamming signal. It is not possible to fully counter this attack with any specific technique. As often in such situations, the fallback is to counter it via legal action. The specific laws are different to each frequency band, but in general it is simply not legal to transmit signals that are very strong, very long, or occupy very wide bandwidth. To give an example, the ETSI (European Telecommunications Standards Institute) regulations say that in for radio transmitters in Europe operating in the frequency from 865 MHz to 868 MHz, the maximum transmission duty cycle is 1%, and the maximum strength is 14 dBm. There are both national and international organizations that control the spectrum usage in each country. Since jamming is an active attack, it is always possible to detect and find the source of the jam signal. Violating the relevant laws may get you fined, or worse.
Jamming and sniffing can be combined to create a man-in-the-middle (MITM) attack. First, the attacker jams an existing connection. The connection can be between IoT devices, or between an IoT device and an external device. For the sake of the example, let’s pick a wearable device (smartwatch) connecting to a mobile phone.
The attacker then sniffs the packets coming from the devices trying to re-establish the connection. Based on the information collected via the sniffing or obtained otherwise (if the packets are encrypted, for example), the attacker is able to impersonate both devices. On the wearable device side, the attacker impersonates the mobile phone. On the phone side, the attacker impersonates the wearable device.
The attacker can now pass data between the wearable device and phone. They have full access to the data — and without any of the devices being aware of what is happening. Moreover, they can selectively drop some packets, or insert new packets in the connection.
Some IoT protocols are vulnerable to the MITM attack by design. For example, the Bluetooth standard (version 4.0+) describes the Secure Simple Pairing (SSP) mechanism that allows to establish encrypted connection between multiple devices. This mechanism comes in four varieties. Three of these varieties which do protect against the MITM attack, but the remaining one, called “Just Works” offers no MITM protection, just protection against simple sniffing. Hence, it should not be used in security-sensitive applications.
IoT encryption and authentication
To me, the most amazing thing about IoT security is that encryption and authentication works at all. There is an astonishing power asymmetry between the defender, which may be a battery-powered IoT device capable of a few million operations per second, and the potential attackers, which may be supercomputers that are billions of times more powerful. However, to the best our current knowledge, no realistic attack is known affect the encryption and authentication cryptographic primitives that are currently used in IoT.
On the other hand, the actual IoT protocols are often vulnerable to various attacks due to the cryptographic primitives being used in less-than-perfect way. Similarly, key exchange is still not considered a solved problem in the context of IoT. It difficult to authenticate the devices for key distribution due to the scale of IoT networks; it even more difficult to keep the keys up-to-date as reprogramming and updating the IoT devices is often very difficult and sometime not even part of the operational budget.
Most IoT devices include some hardware components for accelerating cryptographic operations. Hardware acceleration allows to run the cryptographic primitives at a fraction of time and energy required to do the same operations in software. AES accelerators are especially common. Elliptic curve cryptography and hash functions (SHA-2) are also often accelerated. Elliptic curve are used to implement more light-weight alternatives to RSA, which is a prime-number based asymmetric cryptography algorithm and not highly used in the IoT context. In the future, more devices that include SHA-3 accelerators are expected.
IoT network vs. traditional network security
Compared with traditional wired networks, IoT networks are:
• Man-in-the-middle, replay attacks — similarly severely vulnerable
• Spoofing attacks — equally severely vulnerable
• Denial of Service (DoS) attacks — more severely vulnerable
• Sniffing — more severely vulnerable
• Jamming — additionally vulnerable
• Physical attacks — more severely vulnerable
In short, IoT networks are vulnerable to all of the problems traditional networks, at least equally severely and in some cases more severely. Furthermore, they are additionally vulnerable to jamming attacks.
It is clear that IoT security is not a fully solved research field. To sum up the current state:
• The basics such as encryption and authentication work well. Things may change when the current algorithms are broken by quantum computers or by clever cryptographers (only asymmetric cryptography is vulnerable to the former), however, this challenge is not unique to IoT, and better & quantum-safe cryptographic algorithms are constantly being developed.
• IoT security faces several additional difficulties compared with traditional wired networks. These difficulties mostly are due to the resource limitations on devices, wireless communication being used, operational complexity, network scale, and deployment longevity.
• There are some open or partially solved challenges in IoT security, namely, secure key distribution, motivating users to keep their devices secure, and physical security.
• More strict legislation and regulation may be needed. Some experts such as Bruce Schneier believe that a “free market” approach is not going to deliver good results in the IoT security field and that companies should be mandated by law to pay more attention to the security of their devices, including long support plans with automated security bugfixes being rolled out continuously.