Last Christmas, while everyone was asking for their favorite IoT device (think Alexa), Siemens was busy patching a bug. Of course, the industrial IoT isn’t about Echos and Dots. It’s all about much more mundane devices; gray boxes that are easily taken for granted, quietly doing their thing – hopefully securely. Well, it turns out that many of them aren’t. Researchers at the University of Pennsylvania have identified dozens of vendors that provide IoT ‘things’ and other networking gear that unfortunately use weak keys to encrypt the data they share. Siemens, to their credit, actually did something to fix it. The research started a few years ago and was recently repeated and it found that there are serious issues with entropy generation.
Cast your mind back to those high school physics lessons and recall that entropy is the measure of randomness and that randomness is what we desperately need when we make crypto keys. When we think about SSL (yes, I know I should call it TLS but I just can’t shake the habit) it’s easy to focus on the pain associated with buying and managing the certificates and picking the right algorithms and key lengths. But how many of us think about randomness? Without good random numbers you can’t make good keys. Anything less than true randomness introduces risk. The trouble is that almost no-one gives much thought to where their random numbers come from and that’s what tripped up Siemens, and many others.
Almost all random numbers come from the operating system. The problem is that software can’t generate true random numbers. When software does sometime random we call it a bug, not a feature! The best that software can do is make ‘pseudo random numbers’. The good news is that these numbers can be actually much more random than their name would imply. But this depends on the OS having a sufficient source of high quality entropy to ‘seed’ the random number generation process. Fortunately, entropy is everywhere, it’s all around us, the big question is how do operating systems and applications get their digital hands on it? Well, it turns out that this is not as easy or common as we would all like to believe.
Believe it or not there are war stories of ingenious IT security folk using lava lamps and cameras to capture entropy. That’s fine (unless someone turns off the light) but it’s hard to scale to the IoT and it hardly fits the virtualized philosophy of the cloud where you know virtually nothing about the hardware your stuff actually runs on.
If you stand back you can see the dilemma. We’re doing more and more crypto and need longer and longer keys and yet we run our applications in environments where there is less and less entropy. Not surprisingly, the problem of entropy starvation is starting to be exposed. Now, in the case of Siemens, we’re only talking about air conditioning controllers but does anyone really think that the boxes that control the elevators, our mass transit systems, our power grids and one day our driver-less cars are really any smarter?
There’s much talk about IoT security. Chip vendors, OS providers and application developers are all doing their best, but entropy is one of those issues that has implications up and down the entire stack. As new IoT (and cloud) security standards get written let’s hope that entropy doesn’t fall through the cracks.
Here’s a link to the full article if you’re interested: https://threatpost.com/siemens-patches-insufficient-entropy-vulnerability-in-ics-systems/122699/