L10

Question 1

Potential security threats for IoT

Answer 1

• Cloning of smart objects
• Malicious substitution of smart things
• Firmware attacks
• Extraction of security parameters
• Man-in-the-middle attakcs during key exchange
• Routing attacks
• Same threats as internet

Question 2

Compare IoT and internet protocol stack

Answer 2

IoT
- CoAP (constrained application protocol)
- UDP (for close networks)
- 6LowPAN
- MAC
- PHY
Internet
- HTTP
- TCP
- IP
- MAC
- PHY

Question 3

Main characteristic of CoAP used in IoT

Answer 3

Has very restricted formats for security reasons

Question 4

Compare secure IoT and internet protocol

Answer 4

IoT
- CoAPs (constrained application protocol)
- DTLs
- IP/TPSec
- MAC
- PHY
Internet
- HTTP
- TLS
- IP/IPSec
- MAC
- PHY

Question 5

Draw schematic of symmetric-key cryptographic algorithm (SKA) (L10 5)

Answer 5

write

Question 6

Mention some example of IoT ecosystem security attacks

Answer 6

• Network layer: sniffing attack
• Application layer: DoS attack, worm-virus attack
• Perception layer: node replication attack, jamming attack, DoS attack, wormhole attack, information routing attack

Question 7

What is a wormhole attack?

Answer 7

It creates an unauthenticated channel between two points

Question 8

Advantages of hardware security

Answer 8

• software authentication is not the most efficient way
• physical functions cannot be copied or altered by external attackers
• useful in: identity, military, automotive

Question 9

Main ideas of physical unclonable functions PUFs

Answer 9

• offer DNA-like identification techniques
• unpredictable and unclonable properties, impossible to regenerate, model or alter
• classified into: non-electronic, analog electronics, delay-based, memory-based

Question 10

Describe in more detail PUF classifications

Answer 10

• Non-electronic: optical, paper, CD, RF-DNA, magnetic
• analog electronic: CMOS Vt, coating, LC
• delay-based: arbiter, ring oscillators
• memory-based: S-ram, butterfly, latch

Question 11

Explain basic idea of coating PUFs (L10 12)

Answer 11

• a conductive structure is designed for example to create an intentional capacitance
• by measuring the capacitance the object can be identified

Question 12

Main ideas of physical obfuscated keys (POKs)

Answer 12

• key is permanently stored in a physical way instead of digital memory
• any invasive attack will permanently destroy the key

Question 13

Cause of variations on PUFs

Answer 13

• non-uniform conditions during fabrication
• variations in process parameters (oxide thickness)
• aging effects
• variation in dimensions of devices
• ambient effects (i.e. temperature)
• variation in circuit characteristics