IoT Security Vulnerabilities of Smart Cities
As IoT devices become smaller and cheaper, more cities are leveraging them to transform themselves into smart cities. Smart cities use IoT devices and technologies to improve the efficiency of their services and assist their citizens in a variety of ways. Smart city IoT applications include:
- Traffic-management systems that reduce congestion and save money on infrastructure repairs;
- Trash bins on city streets and in parks that tell municipal waste managers when bins are ready to be emptied;
- Sensors in parking lots connected to mobile apps that show users when and where parking spaces are available;
- Sensors in street lights that cause them to brighten when people are within a certain distance of the lamp;
- Water sensors that detect when parts of a city are flooded or when a river, stream, or lake has reached a certain height; and
- Bus shelters where waiting passengers can see the location of a bus or train in real time.
As connected devices become more pervasive in smart city deployments, the potential threats from a cyber intrusion grow exponentially more dangerous. For example, while connected traffic light systems can help a city manager monitor and control traffic flow, an attacker could utilize the same system to shut down the road grid and cause accidents. While this is a common tactic used by action movie villians, Hollywood’s imagination is quickly becoming a reality.
How can smart-city managers balance the usefulness of the data collection and management capabilities with the potential risks of abuse and takeover? The answer is that devices must be able to authenticate themselves to the network and to each other, as well as authenticate any messages they send and receive. This ensures that messages received from the devices have not been modified in transit, and that the device won’t respond to commands from unauthorized sources.
Why Existing IoT Devices Are Not Already Secure
The next logical question is: Why are existing devices not already secure? The answer is complex, but boils down to a few main points:
IoT devices typically used in smart cities are often extremely constrained, with limited computation, storage, or energy capabilities. Examples of constrained devices can include smaller 32-, 16-, and even 8-bit CPUs and microcontrollers with limited clock speeds.
The only way to reliably secure such devices is by using public-key cryptography. However, the legacy public-key cryptographic solutions in place today were designed some 30-40 years ago, for much larger systems. They don’t fit on these constrained devices or, if they can be made to fit, don’t work well with them.
As a result, there appears to be a common belief that these tiny devices cannot be secured because they cannot run the appropriate cryptographic techniques. This belief becomes a self-fulfilling prophecy, and the devices remain unsecured.
How Constrained Devices Can Be Secured
There are other cryptographic technologies that fit constrained devices and provide a high level of security without the computational or energy overhead of the legacy methods. These techniques, based on Group Theoretic Cryptography (GTC), enable tiny IoT devices deployed in smart cities to authenticate to the network and each other, and most importantly, to authenticate messages including command and control directives from the management station.
Many devices used by smart cities are left in the field for long periods, say 10-20 years or more. Such devices not only need security, they also need upgradeability and resiliency. It’s likely that during their lifetimes, new bugs will be found that require software updates. Moreover, it’s expected that quantum computers will become large enough in that time to render all legacy cryptographic systems ineffective. So any systems or devices deployed using a legacy cryptographic solution will need to be upgraded to quantum-safe cryptography.
Upgrading large numbers of devices in the field, whether or not they contain built-in upgrade functionality, could be a monumental task. For this reason, it’s always better to create devices with cryptography that is expected to last. Why build a device you expect to live for 10-20 years but use cryptography you know will be dead in five to 10 years?
In addition to providing better performance with fewer resources, GTC techniques are also quantum resistant. This means they can withstand expected attacks from quantum computers – meaning devices encrypted with GTC will last their full expected lifetimes.
Are you building IoT devices that will be used in smart-city applications? We have quantum-resistant cryptographic solutions proven to be effective in the embedded systems, sensors and microcontrollers used in smart-city devices. Contact us for a demonstration and evaluation kit.