Robust, Bare-Metal Security that works on any IoT Device
Thank you, and thanks for attending!
Thank you!
You're very welcome!
Thank you for the explicative presentation!
Thank you for watching, and for your kind comment!
Are there any instances of IoT ransomware and if so, can the suggested security solution prevent such attacks as well?
Hello, I'm not aware of any IoT ransomware attacks, but that doesn't mean that they don't exist or that they won't escalate to that point. The attacks that I have seen are typically of the DoS/DDoS nature. The security solution I mentioned in the talk can help guard against this because usually the way these attacks are perpetrated are by either overwriting the firmware or making some jump to an area in RAM that has executable code. In the first case, a POR of the device will check the firmware's signature to see if it's authentic. In both the first and second case, there is an API that can be called from within the application to do the same thing. You could - and just thinking out loud here - tie a call to that function to some sort of non-maskable interrupt that executes once a day (or once an hour, etc.) to also force a check during application execution to try to guard against a buffer overflow attack. Of course, it's a cat-and-mouse game about how a hacker could get around this, but if somehow you can force a call to that secure function (be it by a POR or otherwise), you can recover the device. Great question - please contact me if you need more information on how this might work in a real system!
Excellent explanation. thank you very much.
Absolutely, thank you for attending and your great question on Group-based crypto during the live chat session!
Thanks for sharing slide deck! IAR again showing why you are a leader in this space.
Thanks so much! I'm really glad you liked it!
Good analogy with root and square. To extended it, quantum computing will break current encryption because it will provide a calculator, which makes root as easy as computing square
For many current cryptosystems (like RSA), that is certainly true. That's why one of the hot research topics in cryptology today is Post-Quantum Cryptography. It will be interesting to see where it takes us!
A very interesting walk-through of security concerns and solution considerations, particularly the final recommendation to focus on security from the start. Thanks for putting together this presentation, nice job!