Solution Provides Answers to Weak Encryption Keys Common to IoT Devices
Resource-constrained IoT devices are notorious for their inability to host robust encryption with sufficient entropy. Secure Channels’ quantum-resilient, embedded symmetric encryption solution leverages ID Quantique’s (IDQ) quantum technology giving IoT manufacturers a powerful new tool to deliver protected network devices. The new solution particularly adapted for drones will be displayed at the CES 2020 conference Jan. 7 to 10 in Las Vegas.
A recent report by cybersecurity firm Keyfactor emphasizes IoT devices’ lack of adequate entropy sources, leading to serious cybersecurity shortcomings. Entropy provides the integrated cipher with the randomness required in order to generate strong keys that are difficult for adversaries to break. IoT devices like sensors, IP cameras and connected consumer devices are primarily designed for optimal performance, cost and battery life. These considerations leave little space or resources for sound encryption technology. Manufacturers that manage to include encryption into their products gravitate toward common asymmetric ciphers like RSA. However, device architecture often prohibits the inclusion of an entropy source the cryptosystem can leverage. The keys generated in these deployments, therefore, lack the degree of randomness that can keep adversaries from cracking the encryption and accessing the device.
Further diluting IoT device security is the possible weakness of the RSA cipher itself. RSA was determined to be breakable through quantum computing a quarter century ago, giving the cipher an impending shelf life. However, teams in France recently cracked the largest RSA keys to date with shocking speed using classical computers. Although the size of the cracked key (795 bits) is still very very far from the currently used keys (2048 bits), the accomplishment highlights the dangers of asymmetric cryptosystems centered around presumedly unsolvable math and suggests RSA’s whole failure may occur earlier than estimated.
Secure Channels’ encryption aims to address IoT’s cybersecurity gaps. Secure Channels’ XOTIC Core cryptosystem delivers efficient post-quantum encryption at speeds that exceed those of popular stream ciphers. XOTIC Core’s unique one-time pad element draws entropy from the IDQ’s Quantis QRNG chip to rapidly create scalable, symmetric encryption keys ranging from 512 to 8,192 bits. The Quantis QRNG chip is a compact, durable quantum random number generator that can be integrated into small, low-power products. XOTIC Core is ultra-lightweight with only 72KB of code providing a highly efficient, post-quantum strength cryptosystem, allowing easy integration into any resource-constrained device.
The solution affords IoT manufacturers a flexible, new option for protecting their devices from evolving threats. It addresses the cybersecurity gap in an exploding IoT market. By 2025, a forecast 76 billion devices will have been deployed — devices that are predominantly the weakest network links. Their “trusted status” on a network can extend the reach of an adversary successful in compromising a single encryption key. One exploited device can net adversaries free reign over network endpoints to access sensitive data, manipulate machinery or deluge websites with traffic. This first solution represents the foundation of a future collaboration between Secure Channels and ID Quantique.
Secure Channels CEO Richard Blech feels that this solution can eliminate potentially tragic cyberattack scenarios in the consumer electronics market and beyond. “The rampant expansion of IoT and IIoT has been aided by a grossly misplaced trust in weak onboard encryption. It’s created a precarious situation now that these devices are tasked with transmitting sensitive personal data, monitoring embedded health devices and operating machinery at the heart of critical infrastructure. Strong future-proof encryption may be the deciding factor that averts ruined livelihoods, health crises or widespread catastrophe. I’m confident manufacturers of these devices and equipment appreciate their responsibility to protect end users with entropy-backed, dependably secure products”
About Secure Channels
Secure Channels is a cybersecurity solutions development company based in Irvine, Calif. Our experts engineer and develop high-performance, cost-effective cybersecurity technologies as platform-agnostic software and hardware-ready solutions to protect against present and emerging threats. Our award-winning, cryptanalyst-celebrated solutions include advanced data protection, future-ready encryption, authentication and enterprise confidentiality solutions. Learn more at www.securechannels.com.
About ID Quantique
Founded in 2001 as a spin-off of the Group of Applied Physics of the University of Geneva, ID Quantique is the world leader in quantum-safe crypto solutions, designed to protect data for the future. The company provides quantum-safe network encryption, secure quantum key generation and Quantum Key Distribution solutions and services to the financial industry, enterprises and government organisations globally. IDQ’s quantum random number generator has been validated according to global standards and independent agencies, and is the reference in highly regulated and mission critical industries – such as security, encryption, critical infrastructure and IoT – where trust is paramount.
Additionally, IDQ is a leading provider of optical instrumentation products, most notably photon counters and related electronics. The company’s innovative photonic solutions are used in both commercial and research applications.
IDQ’s products are used by government, enterprise and academic customers in more than 60 countries and on every continent. IDQ is proud of its independence and neutrality, and believes in establishing long-term and trusted relationships with its customers and partners.
For more information, please visit www.idquantique.com.