IoT Security Blog

Articles and Posts on IoT Security, Embedded Systems, and the Internet of Things

RSA

How Big is Your Key?

In providing cryptography solutions for wireless sensors and other devices in the Internet of Things we are often asked, Can the encryption be cracked? We think this is the wrong question to ask when evaluating a cipher. Rather, we feel the question a user should ask is How long will it take to crack this…

Read More

What is Cryptography?

Contributed by Joanne C. Kelleher When I was interviewing for my job at SecureRF, one of the questions I was asked was How do you learn about new technical subjects? I thought it was a strange question at the time and talked about reading, classes, online research, etc. Once I learned more about all of…

Read More

An Introduction to Cryptographic Security Methods and Their Role in Securing Low Resource Computing Devices

Contributed by Joanne C. Kelleher What is the difference between private key and public key cryptography? What is the difference between symmetric and asymmetric cryptography? What is the difference between Diffie-Hellman (Elliptic Curve) and RSA asymmetric cryptography methods? Since SecureRF’s Algebraic Eraser technology offers a combination of symmetric (i.e. private key or secret key) and…

Read More

Got $250? Cloning Electronic Passport Cards

Contributed by Joanne C. Kelleher Security researcher Chris Paget has developed a way to secretly sniff and clone electronic passport cards from 30 feet away with a used RFID reader from eBay. His efforts build off the work of researchers at the University of Washington and RSA, which last year found weaknesses in US passport…

Read More

Cybersecurity, it's not just for individuals any more.

Contributed by Joanne C. Kelleher We have all heard about individuals dealing with identity theft and other cybersecurity issues. Recently the topic of cybersecurity for the U.S. government and the enterprise has been in the news. 1. A new study commissioned by Lumension Security and conducted by the Ponemon Institute found that cybercrime and outsourcing…

Read More

No Surprise: Border-Crossing Cards Can Be Copied

Contributed by Joanne C. Kelleher The Wall Street Journal posted an article called Border-Crossing Cards Can Be Copied.  It is based on a paper (EPC RFID Tags in Security Applications: Passport Cards, Enhanced Drivers Licenses, and Beyond) and set of FAQ that have been posted on the website of RSA Laboratories, a division of EMC…

Read More

RFID Security: Sooner or Later

Contributed by Louis Parks: Shannon Kellogg of RSA recently posted a blog (no longer available) where he felt people in Europe and the United States are getting too worked up over the security and privacy issues around RFID. He feels it is too soon to pressure the industry to require safeguards and it is better…

Read More

Does SecureRF belong in the Doghouse?

SecureRF Corporation replies to comments in the Schneier on Security blog. http://www.schneier.com/blog/archives/2006/10/the_doghouse_se.html Not to our surprise, Bruce Schneier put SecureRF in the Doghouse in his October 9th blog. Bruce provides interesting views and opinions on his blog, often coming from brief observations or encounters with a security or privacy issue. Unfortunately he took the same…

Read More

Will Loose Lips Sink Chips?

The October 2006 issue of DC-Velocity magazine published a RFID 101 Technology Review column titled “Will loose lips sink chips?” by John R. Johnson, Executive Editor. Here is our feedback: http://www.dcvelocity.com/articles/20061001technologyreview/ We found this article to be a great overview of both the challenges and opportunities for passive RFID in item level tagging. We agree…

Read More