Security Principles

There is an interesting webinar published by Chess Wise on their mymesh network. It is a good and informative webinar, but at 9m30s mark it really caused my eyebrows to rise. This is when they started discussing security, explaining and defending their proprietary "by obscurity" architecture.
"...we inject our secret keys into the modules..."
Excuse me, what?

First of all, there is nothing like injecting a key. You can inject a COPY of a key, but not the key itself. What it means is the OTHER COPY of the key stays with the company. In other words: Chess has access to all networks. By design. Many other people can too, as it is unknown what security measures and processes they have internally to protect the keys. Do their employees have access to the keys? are the keys backed up? Who has access to backups?  How can they ensure there were or will be no leaks? What would you say if the manufacturer of your door lock (or a local locksmith) had copies of keys for all the locks they sold? Would that be secure?

Kerckhoffs's principle / Shannon's maxim: answers to these questions shouldn't be a secret. What should be secret are those keys.

This is one of the most fundamental problems we aimed at solving in Bluetooth Mesh provisioning protocol. We never ever ever wanted the manufacturers to have anything to do with what security keys are used by networks. Yes, each Bluetooth mesh device has a secret key, the Device Key. But that key is not given to the device by anyone. It is created by the device itself, by deriving it from an ephemeral value called ECDHSecret, which itself is a result of fairly complex elliptic curve computations. For details, see Section 5 (Provisioning) in the Mesh Profile specification.

Which brings me to the other point: the implicit security guarantee of open systems. The gentleman on the webinar kept saying something along the lines of:
 "we can't tell you how it works, as it is proprietary, but trust us, it is secure"
So the question is why should my only option be to unconditionally trust them? Not that their intentions are immediately evil. But they might have simply overlooked a thing or two. And since nobody could ever review their architecture, we know nothing about the security of it, just that the two guys look decent and seem to be nice overall. And by the way, undeniably they will have copies of my keys...

But imagine you are a big property manager, with thousands, or even millions of square feet (or meters, depending on geography) and you are about to contract the system from the company that claims it’s secure, but there is no way to validate that claim. Would you accept such a risk? Unlikely... Security is hard, and open architecture is fundamental to it. Open, meaning it could have been analyzed by a number of independent researchers who validated it to be solid. It is like the FAA and other agencies analyzing the airworthiness of an aircraft, based on the documents provided by a manufacturer. The 737-MAX case has taught us what may happen if this process is not fully independent nor open.

To summarize, here are several security principles that should be followed for a secure network:
  • The keys to devices and networks should never be known to manufacturers. 
  • The system architecture should be open, so that it can be analyzed and verified by independent security researchers.
  • The design should never use any hard-coded security material.
  • Private keys should never live outside of a secured device storage. Injecting them from outside is a principal violation of security. It essentially means the keys are not private anymore.
This blog touches just the tip of the security iceberg. To learn more, the Bluetooth Mesh Security Overview is a good starting point. Or ask me a question :)

Comments

Post a Comment