Group Actions
Engagement
  • Author Author: crjeder
  • Date Created: Date Created
  • Views 1630 views
  • Likes 1 like
  • Comments 19 comments
Related
Recommended

Smart Key Hooks - Prelude

crjeder

Introduction

 

I would like to thank the organizers and sponsors of this challenge and for giving me the chance to take part and learn.

This is my first challenge and will be my first major programming project in at least 10 years and my first electronic design in more than 20 years. So please be patient with me, I might have a rather slow start.

So why is such a total noob as I am entering such a challenge?

In the detailed description for the challenge Pat Kelly writes:

 

„element14 believes that the Internet of Things may hit a roadblock: namely, the lack of secure communications between objects and individuals could lead to a situation in which data is being shared without explicit consent and exploited for malicious purposes.“

 

I totally second that. And I am amazed that anybody thinks „security first“ because the world already is full of devices and gadgets which are shipped with the functionality barely in place and no security at all. And this is even the best case – many corporations try to gather as much data about us as possible. New products and services seem to be launched only for that purpose.

Therefore I will use my 15+ year experience in security to see what I can do about this problem.

 

Project Idea

 

Our Key Hooks looks like this:

image

As you can see it is not only used to store the keys, but it also serves as a message board. Since every household member has an own keyring and would not leave home without it one can determine who's at home by looking at board. Hanging the key would be one of the first thing one does when back home. If you look closer you can see a few key rings with only one or two keys. That belong to special security profiles like "guest". Er, sorry for the security language - I am to used to it. What I meant to say was there are keys which we hand to our guest to allow them to leave and come back on their own. An other example is the key to the shed or the garage.

 

Enchantment

 

How could this ordinary object be improved with more functions?

First Idea is to make the offline functions available online. Second is to add functionality we are used to in the connected world to this object.

 

Planed features

  • Sharing status and state changes (“at home”, “out” , “leaving”, “arrived”) online
  • Displaying additional online status information through LEDs
  • Detect additional changes on the board (add / remove paper note)
  • Leaving speech messages

Challenges

  • Detection and identification of the key rings
  • User interface (I don't want to add buttons etc.)
  • and of course security

 

Security

 

Security is important, not only in this callenge. Therefore the security related problems deserve their own chapter:

  • Fair Rolles / rights concept
  • End to end encryption for all data shared over the internet
  • Leave as much data within the object as possible
  • "Harden" the object against attacks from the internet

Use of the Project's Results

 

For me this project will definitely be definitely a big learning experience - hopefully for others, too. Furthermore it will be the first and useful piece of my "Smart Home". If others can use parts or ideas, especially security, for other projects my goals would be over achieved. For all thos who made it this far: hope you'll join my in my next blog post, also!

Parents

  • Looks like a very interesting challenge ...

    The challenge will be sharing the data but keeping it secure, or maybe just make it a useless string of numbers that mean nothing to the observer.

     

     

    The previous three challenges have shown that sharing the findings and tricks/tips has improved everyone and allowed the final result to be less stressful.

    We all have strengths and weakness'es and assisting each other over these means everyone learns.

     

    Good luck

    Mark

  • in reply to mcb1

    Usable crypto is hard to do. To produce something useful in time it might not be cryptographic secure but just a brunch of meaningless bytes. A resourceful adversary collecting enough messages will be able to make sense of it. Or I use strong cryptography and the user has to deal with keys again. Let's see which trade off I'll be choosing.

Comment
  • in reply to mcb1

    Usable crypto is hard to do. To produce something useful in time it might not be cryptographic secure but just a brunch of meaningless bytes. A resourceful adversary collecting enough messages will be able to make sense of it. Or I use strong cryptography and the user has to deal with keys again. Let's see which trade off I'll be choosing.

Children
  • in reply to crjeder

    I was wondering if you simply sent a string of 10, 20 or 30 digits that to anyone looking at it meant nothing.

    You could add some basic maths and use the first number as a subtraction value to apply to the others, or simply the key values.

    You could even make the second number as a pointer to which number in the string held the first part of the message.

     

    Yes I agree that over time anyone collecting all the information might be able to work out something, but it would be a monumental effort.

     

    Mark

  • in reply to mcb1

    Mark, using the same key over and over with a simple algorithm in that way is a cryptographic no-no but there are plenty of tools/examples about for proper encryption.

     

    Christoph, if you have control over both ends then a public/private key solution could work. The microcontrollers are not really powerful enough to do handle that but the router part of the Yun should be able to cope with it but if you are planning speech then the SAMA5D4 might be a better host, I just spotted that the SAM has "hardware accelerated RSA/ECC public (asymmetric) key cryptography"

  • in reply to Workshopshed

    :

    You are right: in this example of IoT both ends will be capable of doing asymmetric crypto and thus the use of certificate wold be possible. But certificates have to come somewhere and setting up a PKI is definitely out of scope. Buying certificates would be possible but generally not desired because of the large number of IoT. E. g. spending $30 / year for a certificate is ok for the family's web presence, but most people (me including) do not want to spend for every key ring.

     

    :

    The effort would not to monumental if your math is basic.

    Assume I would code presence in an 64 bit string and I have 16 key rings so for very basic math:

    • Key rings are identified by their (binary) number 0000 to 1111
    • select 4 random bits for every key ring (non overlapping)

    so every bit is used by exactly one key ring. Let's assume the random drawing returned bit numbers 4, 3, 2 and 1 (by pure coincidence this is exactly the ordering as in the key's number :-)

    so when key number 3 is returned the message looks like this:

    0000...000011

    62 zeros

    by comparing it with the initial message which was:

    0000...0000

    64 zeros

    you see that 2 bits have changed from 0 to 1 and therefore either

    • one of the following keys are present
      • 3, 5, 9, 6, 10, 12
    • one of the following key pairs are present
      • 1 and 2, 1 and 4, 1 and 8, 2 and 4, 2 and 8, 4 and 8

    when we observe more packets we will soon see that the last 2 bits always change at the same time which rules out the key pairs. We also will find the position of the zeros and so on. After a bunch of messages we'll know all bit positions and thus can decode all presence information.

    You'll comply that our random drawing was not really producing anything a sane human would call random and you'll be right (at least if doubt the sanity of mathematicians and cryptographers). But no matter how you change the bit positions one will always be able to do exactly the observations in the above example leading to compromise.

  • in reply to Workshopshed

    Hardware in the kit is overpowered for what I want to do. So if one ever wanted to design a product out of this work would use a ARM M0, probably.

  • in reply to crjeder

    Yes, I'm unlikely to use the SAM but it could be a fun board to play with once the challenge is over. I'm hoping to run on batteries so am doing some investigation into power management.