Global Sources
EE Times-India
Stay in touch with EE Times India
EE Times-India > RF/Microwave

IoT security stands on shaky ground, but help is on the way

Posted: 25 Jan 2016     Print Version  Bookmark and Share

Keywords:Rambus  IoT  security  SoC  IDC 

According to Paul Kocher, a security expert in a keynote at DesignCon, the short term outlook for security is cloudy, but a combination of better engineering and more spending should be able to turn the table.

The growing number and complexity of devices will continue to outstrip our ability to secure them for the next few years during which time "we'll see a lot of failures," said Kocher, the chief scientist of the cryptography research division of Rambus.

"We'll have a rocky road ahead for the next decade" given the combination of the emerging Internet of Things with "offensive cyber programmes just about every country has," he said. International Data Corp. (IDC) predicted that within two years 90 per cent of all IT networks will have an IoT-related security breach, he added.

Paul Kocher

Kocher: Short term outlook for security is bleak.

At some point, adding a new feature to a product could reduce its value because it creates more complexity and less security. As an extreme example, he noted that after the Edward Snowden leaks, the Russian guard and the India High Commission both switched from using PCs to typewriters.

"We have to have stronger foundations for security and correct assumptions about software quality," Kocher said, noting engineers must assume all products, software or hardware, will have bugs. "The ability of the tech industry to change the world depends on solving these problems," he said.

Kocher predicted the industry's spending on security will grow faster than other areas, just as aviation and pharmaceutical industries have focused on safety.

The good news is a wider variety of security components are becoming widely used from SIM cards to trusted platform modules. And the costs of adding good security are declining from a few dollars for discrete chips to a few cents for blocks on an SoC.

"I'm most optimistic about doing things in SoCs better" such as supporting multiple secure domains, he said.

For its part, Rambus has developed IP cores for security that are now being used by chip vendors such as Qualcomm. "We are making everything a cryptographically signed, secure process," he said.

Rambus has also developed techniques for easing the logistics of integrating keys from many third parties into products made at various plants. It also has an approach for using cryptography to unlock features in an SoC so a chip based on a single mask set can be configured for a variety of products.

Long term smartphones that already are used instead of credit cards at the point of sale will also be used as sources of identification, perhaps even a passport. "The contactless chip in the passport could be in the phone, and there are many reasons why it should be in phone," he stated.

- Rick Merritt
  EE Times

Comment on "IoT security stands on shaky ground,..."
*  You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.


Go to top             Connect on Facebook      Follow us on Twitter      Follow us on Orkut

Back to Top