Spotlight On
Future-proof security solutions are needed due to the threat of quantum computing, which is on the horizon. In 2016, MIT and IBM successfully built and ran very elementary quantum computing systems. When you combine this with the fact that there are two algorithms that have been mathematically proven to denigrate or even render some of the currently-used security methods insecure, future proofing the security of devices becomes incredibly important. The effectiveness of cryptography solutions comes down to their mathematical foundations. Two or three public-key, or asymmetric, methods are typically used in the identification authentication stages of a protocol for proving the validity of the device. However, the current methods embedded in most PCs, laptops, smartphones, and tablets unfortunately are not future proof. Engineers can use the methods for devices that will be deployed for only a few more years. But this is a real problem for devices, perhaps used for environmental management of a building or home, that could be in use for 10 years or more. Engineers need to think about the mathematical foundations of the security methods they are considering. Are the methods actually immune to or protected from potential quantum computing attacks? SecureRF products are being used in several pilots because our solutions are future proof to currently known attacks, but I would say that, on the whole, the market is only just beginning to address this issue.
During the course of your career so far, what is the most exciting development you have seen/been a part of?
For me, one of the most exciting developments is the explosion of connected low-power wireless devices, gathering data from places and things that I never would have expected when I first started out. I think there is still a way to go before we are using that data to the best advantage, but the fact that it exists, whether it is work data, medical data, or data for my house and what I am doing, is amazing. It is hard to think of any area anywhere that is not going to be touched in some way or another by the IoT. I am afraid we will find out in the near future if this is amazing or terrifying!
What are some of your market objectives within SecureRF?
Our market objective is to establish a strong presence as a security solution provider for very low-power small devices amongst semiconductor and intellectual property design houses working within the IoT. There is a gap in this area and we are a good fit to fill the need for strong security on these small devices going forward.
IoT is a term for such a wide range of products and technologies. Will it ever really be safe and secure?
Unfortunately, the short answer is no. The first part of the question correctly states that the IoT includes a wide range of products and technologies. There will always be something that is not secure. Secure can also mean many different things. A device can be secure in the sense
www.cieonline.co.uk
that we absolutely know that it is what it says it is, but it may be sharing data or elements of data that provide enough information for someone to act on it in a malicious fashion. As an example, when they first created smart meters, which were intended as a tool to measure energy consumption in financial terms, a hacker could gain access and determine if you were home based on the amount of air- conditioning or heating that your house was using. So, "safe and secure" has a broad definition, which I do not think is achievable on a global or macro basis. I do think that you can look at it on a micro basis. Individual devices can be made safe or safer.
How is SecureRF staying ahead of the market?
If we define the market for us as other security methods that can secure small or lower-resource devices, then we operate in an area of the market where it is actually difficult to create new products and solutions. This is because public key cryptography, or asymmetric methods, which is our primary focus, has only existed for just over 40 years. In that time, only a handful of methods have been developed and tested sufficiently to be used at some level. Our methods are based on Group Theoretic Cryptography (GTC), which has been in existence for about 40 years but only now is becoming recognised. This is because of a combination of factors, including SecureRF’s commercial activity, but also because of other general activity and interest around the methods and the publication of academic papers on the subject. As a company, SecureRF is very focused on publishing and researching GTC so that we can share information with the community. One of our missions
is to better educate the cryptographers and security professionals who need to make decisions about how to secure small devices. We are doing research on extending our mathematical models and platforms, which, just like in other industries, the rest of the market may not see the results of for a year or two. In fact, we will be introducing a new asymmetric key agreement protocol, based on some of our current work, before the end of the year that we have been working on for about a year and a half. But this is only the starting point, because it would still take about another few years before I would expect to see it in a prototype or a product. It is fair to say that we are very focused on studying and developing our own platforms as well as existing platforms in the market to understand where and how we fit in. Doing so enables us to maintain a leading position in the market for IoT security solutions.
What challenges do you predict for the future of security within IoT?
Well there are a lot of challenges. One involves addressing a broad range of devices that do not have anything in common other than the fact that they process data, process commands, and instigate actions on behalf of a user. There is no common operating system. This makes security a hugely challenging scenario. And, again, we have the issue of what security is and what it means. There is also the fact that there are already hundreds of millions, if not billions, of devices with processors in the market, collecting data and performing critical functions, that were designed with little or no security. In some cases, there is an effort to retrofit or go backwards and look
at those devices to address the lack of security. Sometimes it is a case of just getting to the next generation of device that will address that future function that hopefully will have security in it. But, generally speaking, IoT device security is a huge issue that is becoming increasingly important each day.
When you’re not working, what’s your favourite thing to do in your spare time?
Well, I like to do woodworking. Not in the sense of carving things or making ornate tables, but I tend to build things like tree houses and chicken coops and other things of that nature. I find it pretty satisfying to design and figure out the structure something should take, and then execute and build it. It is a very physical thing to do, and it is like a chess game because I have got to figure out what I need to do next so it does not go wrong. I like to be creative. Maybe after we have introduced some of our new and upcoming protocols, I should share some of my chicken coop designs.
www.securerf.com
Components in Electronics
October 2017 33
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60
