You are a tinkerer. You want to build things, which you do at home in your garage. You dream of your device, the little BLE-enabled-chip-that-could, becoming a wild success on Kickstarter — plastered all over TechCrunch and on The Verge. All is well — until your customers flock to social media en masse with that dreaded phrase on their fingertips: “I got hacked.”

你是个修补匠。 您想建造东西，然后在车库里在家中做。 您梦dream以求的设备-可能启用BLE的小芯片，在Kickstarter上大获成功-遍布TechCrunch和The Verge。 一切都很好-直到您的客户大批涌向社交媒体，他们的指尖触手可及： “我被黑了。”

As of right now, there is no such thing as being unhackable. Security is a best effort attempt at getting an attacker to sit back and say, “This is too hard. I’m going to give up.” Unfortunately, the ease with malicious information can be found via the internet makes being on the offense all too easy.

到目前为止，还没有不可破解的东西。 安全是一种尽力而为的尝试，它可以使攻击者坐下来说： “这太难了。 我要放弃。” 不幸的是，可以通过互联网轻松找到恶意信息，这使得犯罪变得非常容易。

It feels like the current state of security in IoT exists because of a widespread lack of awareness around potential vulnerabilities — possibly due to the hobbyist nature of the space. There is an evident lack of engineering refinement in the bulk of wearables and home automation products currently on the market. A 2017 IBM sponsored survey indicated that a whopping 80% of IoT apps were not tested for security flaws.

感觉物联网的当前安全状态之所以存在，是因为人们普遍缺乏对潜在漏洞的认识，这可能是由于该空间的业余爱好所致。 当前市场上的大量可穿戴设备和家庭自动化产品中，显然缺乏工程上的改进。 2017年IBM赞助的一项调查表明，高达80％的IoT应用未经过安全漏洞测试。

So, why is IoT lagging so much? Enforcing security in web and on mobile applications is a well-trodden path. Solutions are widely known, and they can often be integrated by simply dropping a library into a given service or software project. Interestingly, the traps are very much the same for embedded systems. The difference is that there is less shared knowledge around preventing common methods of attack, primarily in the non-enterprise space.

那么，为什么物联网落后这么多？ 在Web和移动应用程序中加强安全性是一条通俗易懂的道路。 解决方案是众所周知的，并且通常可以通过简单地将库放入给定的服务或软件项目中来集成它们。 有趣的是，对于嵌入式系统，陷阱非常相同。 区别在于，主要是在非企业领域中，围绕防止常见攻击方法的共享知识较少。

With that all said, let’s jump into some solutions.

综上所述，让我们跳入一些解决方案。

快速入门：了解您存储的信息的价值以及如何加以利用。 (A quick primer: understand the value of the info you’re storing, and how it can be compromised.)

Skip this section if you know the basics of cybersecurity.

如果您了解网络安全的基础知识，请跳过本节。

There are a few questions you may want to ask yourself before you get started with your prototype: What is your system about? What sensitive data will your user be sharing with it? What happens if this information gets leaked or corrupted? Even if the answer to the latter is “nothing”, you still may want to think about how to protect any data on your device.

在开始使用原型之前，您可能需要问自己几个问题：系统是什么？ 您的用户将与哪些共享敏感数据？ 如果此信息泄漏或损坏，该怎么办？ 即使对后者的回答是“无”，您仍然可能要考虑如何保护设备上的任何数据。

Attacks boil down to four main categories.

攻击可归结为四个主要类别。

• Disclosure of data — the leakage of sensitive data to an attacker

  数据泄露-敏感数据泄露给攻击者

• Spoofing of data — the faking of sensitive data to yield a particular result. This could be done to impersonate an authorized entity, and sensitive data may or may not be leaked in the process

  数据欺骗-伪造敏感数据以产生特定结果。 可以这样做以冒充授权实体，并且敏感数据可能会或可能不会在此过程中泄漏

• Corruption of data — the obfuscation of sensitive data by an attacker such that it can no longer be used

  数据损坏-攻击者对敏感数据进行混淆，以使其无法再使用

• Denial of service — the overloading of a system’s input devices or mechanisms such that it is not able to service all requests, to the point that it is rendered unresponsive

  拒绝服务-系统输入设备或机制的过载，使得它无法为所有请求提供服务，以至于它变得无响应

In order to determine the right solutions and bake them into your product from the start, you’ll want to think about the following principles.

为了确定正确的解决方案并将其从一开始就应用到您的产品中，您需要考虑以下原则。

• Confidentiality — keeping sensitive data secret. Solutions here involve encrypting sensitive data.

  机密性-将敏感数据保密。 这里的解决方案涉及加密敏感数据。

• Integrity — ensuring that sensitive data is not modified in flight. Solutions here involve hashing sensitive data.

  完整性-确保敏感数据不会在飞行中被修改。 这里的解决方案涉及散列敏感数据。

• Authenticity — verifying that the sender is who he/she claims to be. Solutions here involve generating unique encryption keys in order to maintain the confidentiality of each user or entity in a given system.

  真实性-验证 发件人就是他/她声称的身份。 这里的解决方案包括生成唯一的加密密钥，以维护给定系统中每个用户或实体的机密性。

So, how can these areas of vulnerability be addressed on an IoT device? It helps to think about your system as a graph of links and nodes, and assess vulnerability to attack per unit. Can sensitive data be retrieved from your device’s memory? Can sensitive data be intercepted via the Bluetooth or Zigbee requests that are being made? What about when data is on the bus between the device’s CPU and another component?

那么，如何在IoT设备上解决这些漏洞领域？ 它有助于将您的系统视为链接和节点的图形，并评估每个单元遭受攻击的脆弱性。 是否可以从设备的内存中检索敏感数据 ？ 是否可以通过发出的蓝牙或Zigbee请求拦截敏感数据 ？ 当数据在设备的CPU和另一个组件之间的总线上时该怎么办？

I realize this advice sounds suspiciously like “learn about security in general”. Which it is. You will not be able to protect your device, and ultimately your users, in any manner if you do not have a basic understanding of how an attacker might compromise your product.

我意识到这个建议听起来像是“一般性地了解安全性” 。 是的 如果您对攻击者可能如何危害您的产品没有基本的了解，则将无法以任何方式保护您的设备以及最终的用户。

The good news is, should you be interested, that there are hundreds of academic and applied security courses available online, such as this one on hardware security offered by the University of Maryland.

好消息是，如果您有兴趣，可以在网上找到数百种学术和应用安全课程，例如马里兰大学提供的有关硬件安全的课程 。

从硬件开始。 (Start with your hardware.)

Basic single-CPU IoT devices do not often have the resources to protect themselves adequately. Unlike larger devices, such as phones, laptops, or consoles, they’re often built with smaller and weaker chassis, and do not always have the computing power necessary to generate complex keys or encrypt data performantly. Luckily, there are some workarounds that are accessible to the amateur IoT enthusiast.

基本的单CPU IoT设备通常没有足够的资源来保护自己。 与较大的设备(例如电话，笔记本电脑或控制台)不同，它们通常是用较小且较弱的机箱构建的，并不总是具有生成复杂密钥或高效加密数据所需的计算能力。 幸运的是，业余物联网爱好者可以使用一些解决方法。

保护您的设备不受物理漏洞的影响 (Protect your device from physical vulnerability)

Sometimes, just having physical access to device is enough to attack it. Cold boot attacks, for example, rely on the data remanence property of DRAM and SRAM to retrieve memory contents that remain readable in the seconds to minutes after power has been removed. This means an attacker can read sensitive data or encryption keys from your device’s memory by cycling the device’s power on and off.

有时，仅对设备进行物理访问就足以攻击它。 例如，冷启动攻击依靠DRAM和SRAM的数据剩余属性来检索断电后数秒至数分钟内仍可读取的存储器内容。 这意味着攻击者可以通过打开和关闭设备电源，从设备的内存中读取敏感数据或加密密钥。

There are a variety of other side-channel attacks that an attacker can choose to execute on, such as DMA attacks (if a given component has direct memory access), bus sniffing, and so on.

攻击者可以选择执行其他各种旁通道攻击，例如DMA攻击 (如果给定组件具有直接内存访问权限)， 总线嗅探等。

A solution here is potentially to make your chassis uncrackable, which… is possible but extremely difficult. You could also require in your instructions to install the device in a high place, or somewhere out of sight, but this is highly dependent on the type of product you’re intending to build.

此处的解决方案可能会使您的机箱无法裂开 ，这是可能的，但是极其困难。 您还可能会在说明中要求将设备安装在较高的地方或看不见的地方，但这在很大程度上取决于您打算制造的产品的类型。

In the very likely chance you are unable to make an impregnable device, you could consider integrating a hardware cryptography component into your design.

如果您无法制造坚固的设备，可以考虑将硬件加密组件集成到设计中。

从一开始就集成硬件加密解决方案 (Integrate hardware crypto solutions from the start)

Why are hardware cryptography solutions so great? They’re what I would call the hardware version of “that security lib I dropped into my Android project and now everything just works great”. The benefits here are measurable:

为什么硬件加密解决方案如此出色？ 他们就是我所说的“ 我放到Android项目中的那个安全库，现在一切都很好用 ”的硬件版本。 这里带来的好处是可以衡量的：

• Offloaded computation — On many offerings, you can perform key generation, encryption (AES, RSA, ECC), hashing (SHA), signing, string compares for password checks, and so on, on this secondary device. This alleviates resource usage on the main CPU and means that no keys, plain-text, or even temporary variables, are stored in main memory.

  卸载计算-在许多产品上，您可以在此辅助设备上执行密钥生成，加密 (AES，RSA，ECC) ，哈希 (SHA) ，签名，字符串比较以进行密码检查等。 这减轻了主CPU上的资源使用量，这意味着主存储器中没有存储任何键，纯文本甚至临时变量。

• Secure key storage — If keys need to be reused, they need to be stored somewhere safe. A number of offerings come with their own secure storage just for keys, meaning that the keys themselves are encrypted on the storage device. Yes that’s right. Your encryption keys will be stored encrypted.

  安全密钥存储 -如果密钥需要重复使用，则需要将其存储在安全的地方。 许多产品都为密钥提供了自己的安全存储，这意味着密钥本身已在存储设备上加密。 是的，这是对的。 您的加密密钥将被加密存储。

There a variety of offerings from companies like Intel and Atmel, such as the Atmel ATECC608A, and they usually come with the benefit of their own dedicated secure EEPROM arrays for key storage. This also means you can ensure that anything stored in main memory or travelling over a bus is not plain-text!

英特尔和爱特梅尔等公司提供了多种产品，例如爱特梅尔ATECC608A ，它们通常具有自己专用的密钥存储安全EEPROM阵列的好处。 这也意味着您可以确保存储在主存储器中或通过总线传输的任何内容都不是纯文本！

These solutions often utilize SPI or I²C to communicate with whatever micro-controller it is hooked up to, so if you are unfamiliar with these bus types, you may want to double-check which type supported by your board.

这些解决方案通常利用SPI或I²C与所连接的任何微控制器进行通信，因此，如果您不熟悉这些总线类型，则可能需要仔细检查板支持的类型。

Even if all of this sounds intimidating, there’s no need to worry! Many hardware cryptography solutions can easily be hooked-up to Arduino, Raspberry PI, and other enthusiast boards. And the the benefits of doing so certainly outweigh the costs.

即使所有这些听起来令人生畏，也无需担心！ 许多硬件加密解决方案可以轻松地连接到Arduino ， Raspberry PI和其他发烧友板。 这样做的好处肯定超过了成本。

意识到熵和功率不在您身边 (Realize entropy and power are not on your side)

I recognize that not everyone is able to include a hardware encryption solution from the start, be it due to cost, lack of confidence, or lack of expertise. But, if for some reason you cannot integrate any type of cryptography chip, you should still keep in mind that small embedded systems can have real issues with gathering entropy.

我认识到，由于成本，缺乏信心或缺乏专业知识，并非所有人都能从一开始就包括硬件加密解决方案。 但是，如果由于某种原因您无法集成任何类型的密码芯片，则仍应记住，小型嵌入式系统在收集熵方面可能会遇到实际问题。

Why is entropy important? Encryption relies heavily on randomness to generate strong keys. Unfortunately, we are yet to generate true randomness with computers, and so we have to look to a variety of sources to provide a random seed or to fake randomness for us. Small embedded systems are especially bad at this, as they are often very simple devices with short boot times, and keys are often one of the first things a system may generate.

为什么熵很重要？ 加密严重依赖于随机性来生成强密钥。 不幸的是，我们还没有使用计算机产生真正的随机性，因此我们必须寻找各种来源来为我们提供随机种子或伪造随机性。 小型嵌入式系统在这方面尤其不利，因为它们通常是启动时间很短的非常简单的设备，并且密钥通常是系统可能生成的第一批内容之一。

This is why hardware cryptography solutions are so useful; they are usually equipped with inputs to provide enough entropy to generate sufficiently strong keys.

这就是为什么硬件加密解决方案如此有用的原因。 它们通常配备有输入，以提供足够的熵来生成足够强的密钥。

选择适合您规格的加密算法。 (Pick encryption algorithms that fit with your specs.)

Whether you pursue a hardware or software security solution for your device, it helps to know what algorithms you actually need, so you can properly assess if your system can support it.

无论您是为设备寻求硬件还是软件安全解决方案，它都有助于了解您实际需要的算法，因此您可以正确评估系统是否支持它。

If you know a little bit about security, you’ve probably heard of symmetric and asymmetric cryptography. The way they work that is implied by their names: symmetric cryptography requires all parties to utilize the same encryption key, but asymmetric cryptography relies on different parties using different keys that mathematically complement each other.

如果您对安全性有所了解，您可能已经听说过对称和非对称加密。 它们的名称暗示了它们的工作方式：对称密码学要求所有各方都使用相同的加密密钥，但是非对称密码学依赖于不同方使用数学上相互补充的不同密钥。

While it’s natural to think, by these definitions, that symmetric key cryptography is easier to crack, they are somewhat difficult to compare, as symmetric and asymmetric cryptography were developed for different purposes. Symmetric encryption is used to protect information and keep it private. Asymmetric encryption was developed to authenticate a user or computer, verify a message is authentic, and/or distribute symmetric keys.

通过这些定义自然可以认为对称密钥密码术更容易破解，但是由于对称和非对称密码学是为不同目的而开发的，因此很难比较。 对称加密用于保护信息并将其保密。 开发了非对称加密来验证用户或计算机，验证消息的真实性和/或分发对称密钥。

A common symmetric key library used in small IoT devices is AES-256. However, you might want to consider using lesser known encryption algorithms like ChaCha20, which is twice as fast as AES, constant-time, and much more CPU-friendly. If code size is an issue for your application (for example on very low end Arduino variants), then Speck on AVR is less than half the code size of ChaCha, at the cost of more data memory for the state and longer key setup times.

小型IoT设备中使用的常见对称密钥库是AES-256。 但是，您可能需要考虑使用鲜为人知的加密算法，例如ChaCha20 ，该算法的速度是AES的两倍，恒定时间且对CPU友好得多。 如果代码大小对于您的应用程序来说是个问题(例如，在非常低端的Arduino变体上)，则AVR上的Speck小于ChaCha的代码大小的一半，但会增加状态的数据存储空间和更长的按键设置时间。

If you need to use public key (asymmetric) encryption, consider using Elliptic Curve Cryptography. ECC is very popular right now, for good reason. It uses smaller key lengths than those used by older schemes (RSA, DSA) to achieve the same given security level. This is great for small devices, because it provides the increased complexity of asymmetric without as much “effort” on the part of the device.

如果您需要使用公共密钥(非对称)加密，请考虑使用椭圆曲线密码术。 ECC有很好的理由，现在非常流行。 与以前的方案(RSA，DSA)使用的密钥长度相比，它使用较小的密钥长度来实现相同的给定安全级别。 这对于小型设备非常有用，因为它增加了不对称的复杂性，而在设备方面却没有太多“努力”。

不要让您的原型成为您的产品。 (Don’t let your prototype become what you ship.)

In a sense, the Arduino-ification of the electronics enthusiast space has not helped, though I am personally happy that its popularity has made electronics more accessible to the average person. And I am no different here. My first board was an Arduino Duemilanove. The first PCB I designed myself used an ATmega328 with Arduino Optiboot that I got on sale from Sparkfun.

从某种意义上说，电子发烧友领域的Arduino化并没有帮助，尽管我个人很高兴其受欢迎程度使普通人更容易使用电子产品。 我在这里也一样。 我的第一块板是Arduino Duemilanove 。 我自己设计的第一块PCB使用的是ATmega328和Arduino Optiboot ，这是我从Sparkfun出售的。

The problem is that many small indie wearables or device makers ship with Arduino (or similar boards), and often use the Arduino language or other tools that come with the ecosystem. Unfortunately, everything about that ecosystem is known. The schematics are known. How information is stored in memory is known. The reality is, you never know how an attacker will take advantage of this knowledge.

问题在于，许多小型独立可穿戴设备或设备制造商都随Arduino (或类似的电路板)一起提供，并经常使用Arduino语言或生态系统随附的其他工具。 不幸， 关于该生态系统的一切都是已知的。 原理图是已知的。 信息如何存储在内存中是已知的。 现实情况是，您永远不知道攻击者将如何利用这些知识。

Security often sounds difficult to implement on low resource IoT devices, given the limitations of flash memory and processing power, but once you have developed a good sense for the types of information that need protecting and how your device would handle them, the path to safety becomes a little more intuitive.

鉴于闪存和处理能力的局限性，在低资源物联网设备上通常很难实现安全性，但是一旦您对需要保护的信息类型以及设备如何处理这些信息有了很好的认识，就可以找到安全的途径变得更加直观。