FP Whitepaper: The Benefits of a Hardware Security Module in Industrial IoT Applications

Content

Introduction

A popular system arrangement

Threats to be considered
  Data manipulation or loss of integrity
  System intrusion or penetration
  Unauthorized software modification

Adding physical security to your IoT-Application

Using hardware security to protect TLS key material of clients in hostile environments
  A basic authentication process
  Remaining risks
  An alternative approach

Benefit from additional services of an HSM
  Validated algorithms and key strength to increase the level of trust
  Enhanced encapsulation
  Pay per use
  Timestamping
  Encrypt and Decrypt Firmware
  Firmware update

Dirk Rosenau
FP InovoLabs GmbH
Prenzlauer Promenade 28
13089 Berlin
Germany
www.inovolabs.com

© Copyright 2018 FP InovoLabs GmbH. All rights reserved.

Francotyp-Postalia Whitepaper | The Benefits of a Hardware Security Module in Industrial IoT Applications

The Benefits of a Hardware Security Module in Industrial IoT Applications

Introduction

The Internet of Things (IoT) is currently one of the big buzzwords and megatrends in both the consumer market and in industry. The number of devices connected to the internet is growing exponentially. Whilst that of course includes smart clients like tablets and phones, more interesting is the growing number of small consumer goods and industrial devices. The latter range from simple sensors through smart monitoring devices to complex gateways. Published estimates suggest that 8-20 billion devices will connect to the cloud in some way by 2020 [1]. The economic impact will be measured in trillions of US dollars.

The importance of security has long been recognized as being critical for traditional IT; however its significance is often neglected in systems designed for the IoT market, especially those for industrial IoT. The reasons vary, but perhaps it is due in some part to the lack of publicity for such cases compared to those in the PC and consumer world; so far there have been only a few well publicized attacks such as Stuxnet in the industrial IoT arena.

To see where the security threats may come from, it is worth looking at the most popular sort of attacks known to the public. These are (listed in order of decreasing frequency) malware, web-based attacks, denials of service, malicious insider attacks and malicious code. They can include phishing, social engineering and stolen devices. Ransomware is on the increase, as are botnets that can hijack your computation power. With this in mind we can look at how industrial users are adapting in response.

It is not rare to find industrial clients that are still operating expensive machinery that was originally installed in the 1950s, with a control cabinet full of electro-mechanical contactors. Other applications may have been developed between the 1970s and 1990s, when the programmable logic controller (PLC) revolution replaced the former complicated machine controllers. However these still worked stand-alone, so that while the information world, with its personal computers and servers, was witnessing the invention and growth of malicious internet-based attacks, the world of industrial machines was safely tucked away, offline.

Today, IoT applications have become so popular, and so easy and cheap to integrate, that the owners of those same machines are highly motivated, if not compelled, to upgrade them. Fieldbus embedded system controllers, industrial PCs and similar are being integrated. Of course, these solutions will run commonly available operating systems like Linux or Windows and thus offer full network connectivity similar to that available on today’s personal cell-phones. As a result, industrial IoT clients have now become gateways connecting the machinery of the past with the internet of today, which means they need to cope with the awesome mass of attacks available in the network. This is the challenge facing decision makers and system architects when appraising their architecture against possible threats and risks.

Not all security issues stem from premeditated attacks either by a person or a malicious group. A company may simply suffer the side-effects of other global attacks, and the solutions that were standard at the time when the architecture was designed may now be well outdated – today’s potential threats were probably inconceivable at that time. Added to which, distributed IoT clients operating not only in the consumer arena but especially in commercial organizations are usually not maintained with the same care or as frequently as PC or server software. However, they require the same attention. Whilst consumers update their cell-phones on average every two years, standard office products - telephones, printers and PC hardware etc. - are often taken for granted and upgraded less frequently, if at all.

Industrial assets, for example those in the metalworking industry, may have required huge investment and will be expected to work right until the end of their life. So they are kept alive while in parallel their control systems must be adapted to meet the demands of the changing process environment. Initially that would have meant an upgrade after maybe ten or twenty years. However, as soon as they are connected to the internet, this could mean that just a two-month delay in installing a particular update suddenly becomes critical.

The damage resulting from cybercrime has been skyrocketing. Some estimates were published in the Cost of Cybercrime study of 2017 [2]. This showed that in the major 7 key-countries (US, DE, JP, UK, FR, IT, AU) the costs of cybercrime in 2017 had reached more than 70 billion USD. But the costs of cybercrime must also be reckoned in regard to the damage on a company’s reputation, brand image, competitive position, sales and stock value.

Are you prepared?

[1] Source: Gartner (January 2017) https://www.gartner.com/newsroom/id/3598917
[2] Source: Ponemon Institute - ://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf


A popular system arrangement

So let’s look at how an IoT solution might typically be put together from some of today’s components. Then, in the next section, we shall look at what threats you should be measuring the resulting system architecture against.

While smart clients for complex applications typically come with their own individual application protocols, today’s most prominent IoT cloud service providers have adopted simple and effective standard protocols for data transmission when connecting clients. The Message Queue Telemetry Transport (MQTT) [3] is a typical example, being a lightweight, standardized message protocol. It allows operators to define topics that individual client programs can publish or subscribe to as they wish. The central requirement is that there is at least one server acting as a broker that receives and forwards the topics pushed by different clients. If clients register and subscribe to specific topics, they are notified by the broker.

An MQTT broker supports up to three different levels of quality of service (QoS). Level 0 can be described as deliver at most once. It makes a best attempt at delivery but offers no guarantee or acknowledgment by the receiver, nor will it attempt a resend. In QoS Level 1 a message will be delivered at least once, meaning that the sender will store the message and resend it until it receives back an acknowledgment. In the highest QoS level 2, the message is guaranteed to be delivered exactly once.

Apart from these QoS levels, MQTT brokers also support Transport Layer Security (TLS). This is used to authenticate the identity of the client, and to protect the integrity and confidentiality of the message content. Here, a solution architect can select whether to use server-side authentication only, or add username and password on the client to get mutual authentication, or make use of X509 certificates on the client.

MQTT brokers, both commercial and partially free, are operated by the prominent IoT cloud service providers such as: Amazon Web Services (AWS), Microsoft-Azure, IBM-Watson, Google, ThingWorx, Salesforce, CISCO Jasper, SAP HANA, BOSCH, General Electric Predix [4]. However, for those companies that prefer to host their own data privately, open source and public versions are also available. The latter may be advantageous in some circumstances since the data will remain local to that organization on its own servers, but this comes at the cost of maintenance, training, and ease of scaling.

One of the best known publicly-available MQTT brokers is called Mosquitto [5]. It comes with a client program and can be installed on your computer in under fifteen minutes. Fifteen minutes later you could be in a position where you can subscribe and push topics. There are open source libraries available for Mosquitto as well that can be used to write your own clients, should you need.

Knowing all that, a company could easily write a client; grab some data from their sensors and other actors; then, merging their business know-how with the libraries and programs mentioned above, upload their data into the cloud, regardless of what kind of IoT cloud service provider is used. Even processes for access-management and dashboard building are well documented, so that you could get an initial system going in very little time.

Threats to be considered

Assuming you have decided to build a system based on the sort of products and architecture we outlined in the previous section, in this section we want to look at some threats you should be aware of. If any of these could compromise your system, or worse, lead to the compromise of other systems in your organization, you will need to deal with them and come up with solutions to reduce or avoid the risks and the damage of cyberattacks.

Data manipulation or loss of integrity:
This means making the sender and receiver authenticate themselves to each other using strong, unique identifiers, and ensuring that the data transfer is kept confidential and its integrity is verified.

If you chose conservatively, you would have chosen a mutual authentication scheme based on X509 certificate management. This should be offered by any reputable IoT cloud service provider by means of the TLS protocol provided by your broker.

However, the security issues don’t stop there. Whenever dealing with web security and cryptography you should be thinking about cryptographic and issues like:

- Who generated and signed the key material used? Is there a risk of leaking information?
- What algorithms and key strength were chosen, and when will they expire? Current state of the art key strength is 112 bits, which corresponds to ECDSA 224, RSA 2048, AES 128 and TDES 112.
- Where are the keys stored, how are they protected and who has access to the key-material?
- Are there processes in place to re-key the key material on a regular basis?
- What kind of cipher-suites, cryptographic algorithms, key-agreement schemes and random number generators have been used? Note that TDES – a common algorithm only a few years ago – has now been deprecated.

System intrusion or penetration:
Is your client always calling the broker via TLS, or are there other ports offering other services that have been left open? Is your system listening for incoming events without authentication? Does a hacker just need to know the installed operating system version to let them pick one of the available exploits? You should not be surprised if these can be used for attacking your system too. Guides, open source tools and even full system installations are available for penetration testing [6].

[3] MQTT protocol specification: http://mqtt.org/documentation
[4] A more comprehensive overview can be found here: https://www.postscapes.com/internet-of-things-platforms/
[5] https://mosquitto.org/
[6] https://www.gitbook.com/book/adi0x901/iot-pentesting-guide/details, https://www.usenix.org/system/files/conference/ase16/ase16-paper-chothia.pdf, https://www.kali.org/


Unauthorized software modification:
Software is typically executed by an initial load process, regardless of whether it is a simple bootloader of your own design or a complex operating system variant. In the end, your software must be read from some sort of persistent memory into another type of memory where it is executed by a processing system. You may want to consider protecting that piece of software from being modified or substituted by unauthorized personnel.

- If your software comprises a set of multiple files, you may want to verify the combined configuration is still valid.
- If your software contains specific intellectual property, you may also want to store the software confidentially.
- If your product is shipped and operated at a location in an unfriendly environment, or if you are not able to control whether operators can access the physical assets of your product, you may want to keep certain critical security parameters confidential.
- If your product is sensitive to being duplicated or requires unique identification that is protected from unauthorized substitution or modification, you may need to implement countermeasures.

Further, you may or may not have thought about how to protect your client software from being manipulated, either by the intent of an attacker or even accidentally, for example if its component parts are swapped out during an update of the configuration.

These questions fall under the key management section of a variety of cryptographic standards. One example is FIPS 140-2, an information processing standard for federal agencies, published by the National Institute of Standards and Technology (NIST) in the USA.

FIPS 140-2 covers cryptographic modules and defines four levels that cover requirements for software- and hardware-based solutions. The higher levels typically only apply to hardware cryptographic modules, providing for physical protection of firmware and critical security parameters. Other standards are available for cryptographic algorithms, modes and schemes. They need to be taken into account in designs that meet FIPS 140-2. NIST maintains Implementation Guidance (IG) regulations, updated twice a year. If a module is to be validated, it must comply with all the rules in that guidance. This aims to ensure state of the art security.

Some commercial and open source software libraries such as Microsoft or OpenSSL have been validated against FIPS 140-2 level 1, but these are exceptions. Physical protection of course requires you to include at least some physically secure element into your design.

We hope to give you some ideas here on how you can benefit from adding physical security into your solutions!

[Figure: Smartcard, Trusted Platform Module (TPM), Hardware Security Module (HSM)]


Adding physical security to your IoT-Application

Whilst some of the threats mentioned above are issues of careful system configuration, others require fundamental design decisions. There is a major difference between implementing your client in software and storing the necessary critical security parameters in unprotected memory or choosing an embedded solution with greater data security.

Adding physical security to your IoT-Application can help reduce the cybersecurity risks. There are different secure elements available to choose from:

- Simple, secure elements: In essence, this means a cryptographic integrated circuit (IC) that provides a unique identification that allows you to securely authenticate an item to which the IC is attached. Some can also be used to exchange a session key based on their identity. Were this component to be exchanged without authorization – either by accident or with malicious intent – this would be recognized in a similar way as when you try to log on to a website with an incorrect user name or password. Sometimes additional features are also offered. While such devices are inexpensive, their functionality is typically reduced to authentication: for example, they do not provide cryptographic primitives to generate and use key material for other purposes.

- Trusted Platform Module (TPM): Basically, a secure, single-chip coprocessor that can store cryptographic keys and provide cryptographic primitives that can be used with those keys. The idea was initially conceived by Microsoft, Intel and HP. At the heart of a TPM are the “endorsement key” and “storage root key”. The former is burned into the TPM hardware during production; the latter is used to protect other key material generated by the TPM, however it is generated by the TPM after it has been initialized. A TPM also includes firmware to provide a set of primitive services.

  TPMs are usually soldered to their motherboards and can’t be easily exchanged. Their main aim is to protect the integrity of their host platform, but they can also be used to provide secure storage and encryption/decryption primitives for applications. Modern PCs and servers are typically equipped with TPMs, which are used by the bootloaders to verify the authenticated secure boot process that launches the main operating system (e.g. Windows or Linux). A TPM does not implement any type of key management by itself - it relies on external software for this.

- Secure smartcard: Smartcards are single-chip integrated circuits that, like a TPM, provide limited secure storage for key material and a primitive set of cryptographic functions. They protect the key material from disclosure or substitution at an elevated physical level, i.e. by including tamper detection and response mechanisms. Their cryptographic operations are usually optimized for performance. Unlike TPMs, smartcard versions are available that run their own operating system and thus also support services for key management. Specifically, this technology enables secure identification of users, but also permits updating of data and firmware without the need to replace the installed cards. More sophisticated, approved operating systems allow single and multiple applications to run on Java based virtual machines on the cards.

  Like TPMs, smartcards are single chip solutions that require external power and a clock signal. These lines are often vulnerable to so-called side-channel attacks. Such attacks are designed to steal secret data from a system by observing factors like signal timing or the device’s power consumption while it is computing. A further limitation of smartcards is their limited storage space for data and programs.

- Hardware Security Module (HSM): Here, we mean a hardware-based cryptographic module that has been formally validated against the FIPS 140-2 standard. HSMs come in different forms: e.g. single-chip, multi-chip standalone or multi-chip embedded modules. Like TPMs and smartcards, HSMs provide secure storage and a set of services to generate, store, use, and maintain critical security parameters such as keys, passwords or other confidential data. They are typically used as cryptographic coprocessors and their multi-chip versions generally support an extensive set of services and storage. They can also include their own battery powered circuitry and voltage supervision that allows the inclusion of a real-time clock for proper time recording and time stamping to ensure that expired key material can no longer be used. They may also include redundant memory using multiple technologies to bring added data security.


Typically, HSM applications will also be validated against FIPS 140-2 and thus only approved applications can be loaded into the HSM, extending its set of services. Depending on the level, services are linked to roles, so that, for example, administration can only be carried out by authorized users. At level 3, identity-based authentication is required, so only authorized users can use it. Environmental failure protection and testing, tamper detection and response are in place, which will protect customer specific applications. HSMs will typically have a secure update mechanism in place, which will allow the security features to be extended or replaced to meet the ever changing needs of the security landscape.

To obtain a FIPS 140-2 certificate, the vendor needs to submit their device for intensive testing by an accredited laboratory. This formal approval process is known as the cryptographic module validation program (CMVP).

FP rates the level of physical security in the order of the listing in the figure below.

[Figure 1: Security pyramid. Level of security, from top to bottom: hardware-based solutions (e.g. the FP Secure Gateway incl. Hardware Security Module); hardware-based solutions “light” (e.g. secure elements, trusted platform modules (TPM), smart cards); software-based solutions (e.g. software certificates, VPN, web encryption); applications without real security measures.]

Using hardware security to protect TLS key material of clients in hostile environments

Bringing all of this together, in this section we want to illustrate a configuration that includes FP’s IoT Secure Gateway, Mosquitto and an interface set up to an IoT cloud service provider (referred to below as an ICSP) such as Amazon Web Services. The IoT Secure Gateway shown in the figures below uses a CAN bus interface to read data from sensors of an industrial installation and includes the use of a hardware security module to protect the owner’s critical security parameters.

Typically, the ICSP will operate a public key infrastructure under its own root certificate authority (CA); in the figure below we use the name ICSP RootCA. This might also be signed by a recognized international trust authority like D-TRUST, Deutsche Telekom, Microsoft or GlobalSign.

A key pair (here e.g. the MQTT-Broker key pair) consists of a private key and a public key whose validity is prescribed by a certificate. The certificate provides information about the type and purpose of the key and its lifetime. Figure 2 shows a simple key hierarchy for our ICSP and its MQTT-Broker.

[Figure 2: Key hierarchy for an example IoT cloud service provider (ICSP). Certificate of the ICSP RootCA (issuer: VeriSign); certificate and private key of the MQTT-Broker (ICSP gateway) (issuer: ICSP RootCA).]

A basic authentication process

There are several options for generating the key material to uniquely identify your IoT-device. A straightforward method is to let the ICSP generate the key pair for you. In that case, the ICSP generates a unique key pair and signs the public key using their root certificate.

You will receive three files: the private device key for the IoT device, the corresponding public device key in a certificate and a certificate for the ICSP’s root certificate authority. The files are shown in Figure 3.

[Figure 3: Key material provided from an IoT cloud service provider (ICSP). Certificate of the ICSP RootCA (issuer: VeriSign); certificate and private key of the IoT device (issuer: ICSP RootCA).]

These files can be used in your client application. Open source and commercially available MQTT implementations will support this key material, with the resulting configuration looking similar to Figure 4. Note that in this case the key material is generated by your ICSP. The ICSP Gateway in the following figures will be named MQTT-Broker.


When your client application connects to the cloud service provider, it uses the device key to authenticate to the ICSP’s MQTT broker. The broker is able to verify the request, because it recognizes its own root certificate authority from the device certificate. Equally, the MQTT broker authenticates itself to the IoT device using its own server certificate. Because this certificate is also issued by the same certificate authority, and the device has a copy of this certificate, the IoT device can also verify the broker. In this way, the sides have been able to mutually authenticate themselves so that a secure, authenticated transport layer session can be set up. So far, so good.

Remaining risks

However, this type of configuration carries a remaining risk for the owner of the device. The problem is that the IoT device’s private key was generated externally to the organization owning the device. Somehow this key has to be passed to the device’s owner, typically using another type of secure session. The private key must be passed through a number of hands, for example, an administrator at the client’s company, and en-route it might be stored in an insecure way. All of this poses a security risk, and it opens a potential where, in a hostile or competitive environment, an external or internal hacker could compromise the security of the installation.

An alternative approach

Recognizing this issue, major IoT cloud service providers will usually support an alternative approach, which FP has been testing as a proof of concept with Amazon Web Services (AWS). In this approach, AWS allows customers to register their own sub-authority for issuing certificates, which can be used in conjunction with an HSM. In our example, the certifying sub-authority is the FP IoT Data Center.

FP operates its own Trust Center, a high-security environment in which it has generated its own root certificate, the “FP RootCA” certificate. It has also generated other keys and certificates for its other data centers there, including the IoT Data Center; the data center stores these keys securely in its server environment.

The production of FP’s HSMs involves each one being pre-loaded with a chain of certificates, which include those for both the FP RootCA and that for the IoT Data Center. This is performed in a high-security environment and will enable it to identify FP’s servers in the future.

Further, the HSM itself generates its own private and public device key. The private key never leaves the device, but the public key is passed to the FP servers for them to sign. In return it receives its personalized IoT device certificate, signed by FP. Once this has been done, any server that recognizes FP’s RootCA or Data Center certificates will always be able to authenticate this HSM as a genuine FP device and also have a unique identifier for it. This allows easy building of mutually authenticated TLS connections.

All that remains is for FP to register its IoT Data Center as a certificate issuing sub-authority with AWS. The resulting configuration looks similar to that shown in Figure 5.

[Figure 4: Using ICSP generated key material. Mutual authentication between the IoT device and the MQTT-Broker (ICSP gateway); the IoT device and MQTT-Broker certificates are issued by the ICSP RootCA, which is issued by VeriSign.]

[Figure 5: Registered sub authority using self-generated key material. Mutual authentication between the IoT device and the MQTT-Broker (ICSP gateway) of the cloud service provider (Amazon Web Services); the IoT device certificate is issued by the FP IoT Data Center, whose certificate is issued by the FP Root CA and registered with the provider.]
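The certificate flow of the alternative approach, as an added example that is not FP's or AWS's own code: the device creates its key pair itself, only a certificate signing request goes to the sub-authority, and the returned certificate must verify against the root through the sub-authority. It uses the openssl command line; all CA and device names are constructed, and ordinary files stand in for the HSM's key store (an assumption, since a real HSM keeps the private key inside the module).

```shell
#!/bin/sh
# Added illustration with constructed names. Plain files under device/ stand in
# for the HSM key store (assumption); a real HSM keeps the private key inside.

# Minimal OpenSSL config, so the run does not depend on a system openssl.cnf.
write_cfg() {
  cat > "$1" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = constructed
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_device]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = clientAuth
EOF
}

new_key() { openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -out "$1" 2>/dev/null; }

# new_csr CFG KEY SUBJECT OUT
new_csr() { openssl req -new -config "$1" -key "$2" -subj "$3" -out "$4"; }

# issue_cert CFG CSR CA_CERT CA_KEY EXT_SECTION SERIAL OUT
issue_cert() {
  openssl x509 -req -in "$2" -CA "$3" -CAkey "$4" -set_serial "$6" \
    -extfile "$1" -extensions "$5" -days 30 -out "$7" 2>/dev/null
}

# build_chain DIR: root CA -> certificate-issuing sub-authority -> device
build_chain() {
  ca=$1/ca dev=$1/device cfg=$1/ca/pki.cnf
  mkdir -p "$ca" "$dev" && write_cfg "$cfg" || return 1

  # Trust center side: self-signed root, then the sub-authority it certifies.
  new_key "$ca/root.key" || return 1
  openssl req -new -x509 -config "$cfg" -extensions v3_ca -key "$ca/root.key" \
    -subj "/CN=Example RootCA" -days 30 -out "$ca/root.crt" || return 1
  new_key "$ca/sub.key" || return 1
  new_csr "$cfg" "$ca/sub.key" "/CN=Example IoT Data Center" "$ca/sub.csr" || return 1
  issue_cert "$cfg" "$ca/sub.csr" "$ca/root.crt" "$ca/root.key" v3_ca 2 "$ca/sub.crt" || return 1

  # Device side: the key pair is generated where it is used; only the CSR
  # (public key plus proof of possession) is handed to the sub-authority.
  new_key "$dev/device.key" || return 1
  new_csr "$cfg" "$dev/device.key" "/CN=example-device-0001" "$dev/device.csr" || return 1
  issue_cert "$cfg" "$dev/device.csr" "$ca/sub.crt" "$ca/sub.key" v3_device 3 "$dev/device.crt"
}

# Negative case: a CA that carries the sub-authority's name but not its key.
issue_from_unregistered_ca() {
  ca=$1/ca dev=$1/device cfg=$1/ca/pki.cnf
  new_key "$ca/other.key" || return 1
  openssl req -new -x509 -config "$cfg" -extensions v3_ca -key "$ca/other.key" \
    -subj "/CN=Example IoT Data Center" -days 30 -out "$ca/other.crt" || return 1
  issue_cert "$cfg" "$dev/device.csr" "$ca/other.crt" "$ca/other.key" v3_device 4 "$dev/unregistered.crt"
}

# verify_device ROOT_CERT SUB_CERT DEVICE_CERT: what a relying server checks.
verify_device() { openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1; }

# key_matches_cert KEY CERT: the certificate is bound to the device's own key.
key_matches_cert() {
  [ "$(openssl pkey -in "$1" -pubout)" = "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

demo=$(mktemp -d) && build_chain "$demo" && issue_from_unregistered_ca "$demo" && {
  verify_device "$demo/ca/root.crt" "$demo/ca/sub.crt" "$demo/device/device.crt" \
    && echo "device.crt: chains to the root via the sub-authority"
  verify_device "$demo/ca/root.crt" "$demo/ca/sub.crt" "$demo/device/unregistered.crt" \
    || echo "unregistered.crt: rejected, issuer name alone is not enough"
  key_matches_cert "$demo/device/device.key" "$demo/device/device.crt" \
    && echo "device.crt: bound to the device-generated key"
}
rm -rf "$demo"
```

The private key file is written only under device/; the ca/ directory receives the CSR and returns the certificate, which mirrors the page's point that the key never has to pass through other hands.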


There are a number of benefits of this approach:

- Confidentiality: The private key of the IoT device never leaves its HSM.
- Maintenance: Rekeying and introducing other key material is pretty simple in this approach, using standard key management processes.
- Scalability: If you need to operate multiple clients, you do not need to register each of these manually with your ICSP, because the ICSP will recognize the registered root certificates and can automatically register your devices when they connect for the first time.

This architecture is equally suitable for clients making use of a TPM, a smartcard or, in the FP Secure Gateway, an HSM. FP’s HSMs generate their initial key material internally during manufacture, and receive signed certificates from FP’s IoT Data Center. Since the FP IoT Data Center has been registered with AWS, it can be used to authenticate the IoT device to the MQTT-Broker of AWS. The MQTT-Broker will still be authenticated to the IoT-Device, as the IoT-Device stores the Root Certificate Authority of AWS.

If a company would like to register FP as a sub-authority to their AWS-Account, they need to provide FP with their registration code of AWS. In a one-time secure process, FP will generate a verification key pair required for the registration process and a corresponding certificate signing request (CSR) with the registration code of the company as common name inside of the certificate. Finally, FP will use its IoT-DataCenter key material and issue a certificate on that company specific public verification key.

Both the FP-IoT-DataCenter certificate and the company specific verification key certificate will be given to the company, which can now use those certificates to register the FP-IoT-DataCenter to their AWS-Account and activate it, e.g. using the AWS command line interface (CLI). The customer specific verification key certificate is only required once by AWS as part of the registration, to prove that the issuer of the certificate owns the private key of the certificate that is to be registered.

If you wish to understand more about the fine details of this approach, there is documentation available online [7].

Benefit from additional services of an HSM

After reviewing your operational requirements, if you decide to go for a FIPS 140-2 level 3 approved HSM, you have the reassurance that the device and its firmware will have been approved by an independent accredited laboratory. In Francotyp-Postalia’s case, the HSM production will also have been audited on a regular basis by postal regulating authorities.

In contrast to the other hardware approaches, the use of HSMs provides possibilities for including additional customer-specific services, as described in some examples listed below. And if there is a need to add a service or different algorithm, FP’s HSM can always be updated remotely.

Examples of additional services include:

Validated algorithms and key strength to increase the level of trust:
HSMs are validated against FIPS 140-2. This requires all algorithms and chosen key strengths at the time of evaluation to accord to the state of the art as laid down in NIST’s recommendations and implementation guidelines. Currently this includes the use of symmetric algorithms like TDEA, AES, hashing and combinations of these such as HMACs; several modes like CBC and CTR; asymmetric algorithms like RSA and ECDSA; signature schemes; key derivation functions; key agreement functions; key wrapping functions; deterministic random bit generators (DRBGs); true random number generators (TRNGs) and their entropy statements.

Enhanced encapsulation:
HSMs physically protect key material from being modified or substituted. The use of validated firmware limits the risk of their being affected by malware or ransomware. Each device provides a unique identification number which can be used to distinguish each device’s identity and its physical location.

Pay per use:
FP’s HSMs provide a set of services that can be used to download monetary amounts from a customer’s account at FP’s datacenter. The download of money can be combined with other events and triggers defined in the IoT Gateway. Sensor events can be used to trigger micro accounting transactions. For each transaction, the HSM would be able to provide, for example, a cryptographically signed proof of payment.

Timestamping:
The use of a real time clock, standard in FP’s HSMs, when combined with signatures allows the generation of a non-forgeable timestamp on a chunk of data, record or document.

Encrypt and Decrypt Firmware:
By using symmetric keys held in the HSM, the HSM can receive application firmware for a third party and encrypt it for storing in another device. Prior to execution, the third party would require possession of the HSM to decrypt and execute the firmware. In this case, the HSM operates as a key-dongle.

Firmware update:
Other services can be defined by the customer and securely downloaded into the HSM. This is made possible in FP’s HSMs by the firmware load service. It can be used to exchange or extend the HSM services in a secure manner. Only signed firmware can be loaded into the device.

[7] https://docs.aws.amazon.com/iot/latest/developerguide/device-certs-your-own.html
