
Let’s talk about Security

G. Bolumar
Security, a key challenge for IoT

Interconnecting anything

• Surface of attack is exploding
• Attacks are scalable and can damage other businesses
• Vulnerabilities across the value chain

Diagram: Device, On Air, Network infrastructure, Cloud, Application

Security is an E2E requirement

Public - Restricted 2
The right balance between RISK, EFFORT & COST

Risk analysis + The right balance + Regulations

Protecting what matters, where it matters, when it matters

SIGFOX BRINGS SECURITY BY DEFAULT: ON-DEVICE, ON NETWORK INFRASTRUCTURE, ON CLOUD
Security at the heart of Sigfox

Design choices

We recognized from Day-1 that security is one of the biggest IT challenges in IoT:
• Technology
• Policies
• IT strategy
• Human resources strategy
• Partnership management
1. Radio communication

Protect Data in motion

Sigfox Protocol security mechanisms
Design choices: A built-in firewall

Device initiated communication:
• Small payload.
• Low bit rate.
• Random frequencies.

Interference robustness: anti-jamming.

Protection from DDoS.

Secure transmission:
• From base station to cloud.
• From Cloud to customer application.

Sigfox Ready™ device not connected through IP.
Ensure authentication, integrity & confidentiality
• AUTHENTICATION & INTEGRITY
- Authenticate the message’s sender:
- The SIGFOX network ensures that each message has been sent by a genuine device.
- The device ensures that the received messages have really been sent by the SIGFOX network.
- No data injection possible.
- Check the message integrity:
- If an entity intercepts a message and modifies it, the modification can be detected.
- Ensure that a genuine message cannot be replayed (anti-replay).
- Be resilient to jamming attacks.

• CONFIDENTIALITY
- No payload encryption by default, but available as an option.

FOCUS ON SIGFOX PROTOCOL SECURITY MEASURES: genuine device / no clone of devices; communication allowed; message not corrupted; remove possible injections of fake messages.
MAC, pillar of the authentication & integrity
• MAC – MESSAGE AUTHENTICATION CODE:
- 2 to 5 bytes cryptographic token present in each message (uplink and downlink).
- Guarantees the message integrity and authenticates the message sender.
- Relies on symmetric cryptography (AES-128); each device has a specific secret key, known by the network.
Sequence Number to prevent message replay
• How to ensure that a message already emitted cannot be replayed?
- A counter is present in uplink messages.
- This counter is incremented after each emission by the device.
- The SIGFOX network stores the last sequence number value for each device.
- The sequence number of each incoming message is compared with the last one; an incorrect value makes the message be discarded.

Diagram: Sequence counter with the last received message, a tolerance window for the new sequence number, and the incoming message; a new incoming message outside the window is discarded.

ANTI-REPLAY: PREVENT INJECTION OF FAKE MESSAGES
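The two checks described on the MAC slide and on this slide, modelled in Python as an added example (not Sigfox's code): a truncated per-device keyed MAC over the frame, verified before a sequence-number window check. The deck only states that the MAC is AES-128 based and 2 to 5 bytes, so HMAC-SHA-256 from the standard library stands in for it; the device id, key, MAC length, window size and frame layout are constructed assumptions.

```python
import hashlib
import hmac

# Constructed parameters for this example, not Sigfox values: the deck gives
# a 2 to 5 byte MAC and a tolerance window, not their exact sizes.
MAC_LEN = 5            # truncated MAC length in bytes
REPLAY_WINDOW = 16     # how far ahead of the last accepted counter we accept

# Per-device secret keys as the network would hold them (constructed key).
DEVICE_KEYS = {"01a2b3c4": bytes.fromhex("00112233445566778899aabbccddeeff")}
# Network-side state: last accepted sequence number per device.
last_seq = {}


def frame_mac(key, dev_id, seq, payload):
    """Truncated MAC over device id, sequence number and payload.

    HMAC-SHA-256 replaces the deck's AES-128 based MAC so the example needs
    only the standard library; the truncation to MAC_LEN is the point shown.
    """
    msg = bytes.fromhex(dev_id) + seq.to_bytes(2, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_uplink(dev_id, seq, payload):
    """Device side: attach the MAC computed with the device's own key."""
    mac = frame_mac(DEVICE_KEYS[dev_id], dev_id, seq, payload)
    return {"id": dev_id, "seq": seq, "payload": payload, "mac": mac}


def network_accept(frame):
    """Network side: returns (accepted, reason) and updates the replay state.

    Order matters: the MAC is verified before the counter is touched, so an
    unauthenticated frame can never move a device's stored sequence number.
    """
    key = DEVICE_KEYS.get(frame["id"])
    if key is None:
        return False, "unknown device"
    expected = frame_mac(key, frame["id"], frame["seq"], frame["payload"])
    if not hmac.compare_digest(expected, frame["mac"]):
        return False, "bad mac"                    # forged or modified in transit
    last = last_seq.get(frame["id"], -1)
    if not (last < frame["seq"] <= last + REPLAY_WINDOW):
        return False, "sequence outside window"    # replay, or device desync
    last_seq[frame["id"]] = frame["seq"]
    return True, "ok"
```

A frame that fails either check leaves the stored counter untouched, so a replayed or tampered frame cannot push a genuine device out of its own window.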
Option: Sigfox encrypted payload

• Secure data transfer from the object to the “Cloud”:
- Ensure confidentiality by ciphering data generated by the device.
- Based on a specific algorithm designed for limited payload (AES-based).
- A different encryption key for each message.
- Decryption done by Sigfox infrastructure before callback generation.
- No key provisioning required.
- Compliant with SE integration.
- Cryptanalysis done by a research lab.

Diagram: RF Module, Base Station, Sigfox Infra., Customer Infra.

1 – Payload generation

2 – Payload encryption
• Done by Sigfox library.
• Session key derived from Network Authentication Key ensures the message encryption.
• Even for the same content, the ciphered payload will be different each time.

3 – Payload decryption
• Done by Sigfox infrastructure.
• Key derived on-the-fly from Network Authentication Key.
• Once decryption is executed safely, the payload is provided in a callback.

ENSURE ENHANCED SECURITY ON SIGFOX NETWORK
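The per-message key property of steps 2 and 3, shown in Python as an added example (not Sigfox's library or algorithm): a key is derived on the fly from the Network Authentication Key and the uplink counter on both sides, so the same payload never produces the same ciphertext and nothing beyond the NAK is provisioned. The deck names only "an AES-based algorithm", so an HMAC-derived keystream stands in for the cipher; the NAK value, device id and derivation labels are constructed assumptions.

```python
import hashlib
import hmac

# Constructed Network Authentication Key (NAK); the deck shows no key values.
NAK = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def message_key(nak, dev_id, seq):
    """Per-message key derived on the fly from the NAK and the uplink counter.

    Because the key depends on the sequence number, the same payload encrypts
    differently every time, and the device needs no extra key provisioning.
    """
    info = b"sigfox-payload-key" + bytes.fromhex(dev_id) + seq.to_bytes(2, "big")
    return hmac.new(nak, info, hashlib.sha256).digest()


def xor_keystream(key, data):
    """Stand-in symmetric cipher: XOR with a key-derived keystream.

    The same function encrypts and decrypts. Small payloads only: the
    keystream is one 32-byte digest, enough for short uplink frames.
    """
    if len(data) > 32:
        raise ValueError("payload too long for this stand-in cipher")
    stream = hmac.new(key, b"keystream", hashlib.sha256).digest()
    return bytes(p ^ s for p, s in zip(data, stream))


def device_encrypt(dev_id, seq, payload):
    """Step 2 on the deck: done in the device library before transmission."""
    return xor_keystream(message_key(NAK, dev_id, seq), payload)


def infra_decrypt(dev_id, seq, ciphertext):
    """Step 3 on the deck: the infrastructure re-derives the key and decrypts
    before the callback is generated.

    A reused sequence number would reuse the keystream here, which is why
    the anti-replay counter must only ever move forward.
    """
    return xor_keystream(message_key(NAK, dev_id, seq), ciphertext)
```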
Advantages from Ultra Narrow Band
• Anti-jamming capabilities
- Thanks to UNB intrinsic ruggedness
- Coupled with spatial diversity of the base stations (+20dB)
More than 1000W are needed to jam a single Sigfox Base Station, which is impossible to get!

• Coexistence with other radio networks
For the same technical reasons as above, UNB is extremely robust in an environment with other spread spectrum signals. However, spread spectrum networks are affected by UNB signals.

GOOD COEXISTENCE PROPERTIES / ROBUST TO OPERATE IN THE PUBLIC ISM BAND

Ultra Narrow Band is the best choice to operate in the public ISM band
2. Protecting Network Infrastructure
Security mechanisms on Base Station Software
• Base station can be deployed in a hostile environment
• Contains I.P. that shall be protected
• Required security measures
- Nobody can steal Sigfox sensitive software (I.P. protection).
- Nobody can alter the BS Operating System:
+ Offline: Secure Boot with integrity check.
+ Online (at runtime): IMA (Integrity Measurement Architecture).
- Binding the OS and the HW:
+ The Base Station can only boot an OS built by Sigfox.
+ The OS can only run on BS HW.
- Nobody can use the base station to intrude into the Cloud (VPN credentials protection).

• A TPM is used to secure all the keys involved in these mechanisms in the BS

BS EMBEDDED SOFTWARE SECURITY
3. Protecting DATA AT REST
Prevent point of failure with DC redundancy

• ACTIVE / PASSIVE DATA CENTER
- Hosted in France in core Data Centers
- Redundant and fully synchronized D.C.
- Staging platform similar to production available to validate upgrades.

• REDUNDANT INTERNET CONNECTION
- 2 connections with different paths for each data center
- 3rd connection in case of emergency.
- DDOS protection software in Reverse Proxy with daily update.

Diagram: two data centers with synchronisation between them.

CLOUD INFRASTRUCTURE SECURITY
Functional redundancy & Layered architecture
• REDUNDANT FUNCTIONAL COMPONENTS
- Each functional component of the core network is redundant (load balancer, application servers, database, …).
- No SPOF in a data center.

• CORE NETWORK IN LAYERS
- Segmentation between access, applications and database layers.
- Each layer is secured to prevent access to the lower one.
- Segmentation of flows between base station & web interface.

• SECURE ACCESSES
- Base station access based on VPN with IP filtering.
- Different layers of reverse proxy.

CLOUD INFRASTRUCTURE SECURITY
4. Improving device security
• SIGFOX is concerned by device security
- Authentication credentials allow access to the SIGFOX network
- These credentials are stored in the device
- They must be protected against disclosure and alteration to avoid device cloning and unauthorized access to the network

• SIGFOX does not produce devices but acts as a facilitator

• 3 levels of security are under consideration
1. Authentication credentials are stored in the device without any constraints
2. Authentication credentials are protected via SW security measures
3. Tamper resistance

• Secure Element
- Secure element design by Sigfox: STMicro, Trusted Objects & Wisekey
- Prevent any device cloning

DEVICE SECURITY IMPROVEMENT
To take away!

Security by-design – From core to the edge!

Diagram: RF Module, Base Station, Sigfox Infra., Customer Infra., with Secure Element on the device, Payload Encryption in transit and Hardware Security Module in the “Cloud”. All three are available.

Secure Element to manage sensitive info. on device:
• Store secured assets such as Network Authentication Key.
• Store & run Sigfox authentication & ciphering algorithms.

Payload encryption to securely transfer data from the object to the “Cloud”:
• Ensure confidentiality by ciphering data.
• Specific algo. using different keys for each message.
• Decryption by Sigfox infra. before callback generation.
• No key provisioning required / Compliant with eSE.

Hardware Security Module to manage key information in the “Cloud”:
• Dedicated hardware running cryptographic computation in a secured execution environment.
• Network Authentication Keys never seen in clear outside the secured execution environment.
• No way to request or to extract keys & algorithms used.

ENSURE ENHANCED SECURITY ON SIGFOX NETWORK
security@sigfox.com

Thank you
