Our latest thinking on the issues that matter most to hardware security professionals.

Global crypto keys in the IoT world and the threats they present

IoT cryptography frequently employs shared global keys due to the relatively low prices of IoT devices. Global keys, while economically pragmatic, make the devices inherently insecure:

compromising only one device by means of a side-channel attack, which extracts the secret key, makes all identical devices vulnerable to hackers. Defending against these attacks is resource-intensive. Of the various kinds of side-channel attacks, Differential Power Analysis (DPA) is the cheapest to deploy with potentially the highest amount of damage to the manufacturer.

What can be done to protect IoT devices from such attacks?