Today we’re going to be taking a look at the MAXREFDES143, Maxim’s newest reference design for Industrial Internet of Things applications. This is the MAXREFDES143 and we’re going to be using it to show how authentication and data integrity can easily be brought into an IoT ecosystem. What we have is a sensor node. In our case this will represent a water filter. We also have a light sensor to monitor the remaining life of the filter, a temperature sensor to measure the temperature of our water, and the DS28E15 that we use to authenticate the sensor and to provide data information on the device for things such as remaining filter life and other life cycle management.
Each one of these sensor nodes will connect up locally to a controller node. These controller nodes are Wi-Fi enabled and they can, in turn, connect to a web server, one centralized web server that can manage everything in the ecosystem. As this is running, you’ll see the DS2465 on our controller will connect up to and authenticate our sensor node. From there, we’ll begin taking data from the sensor node; you’ll see it displayed locally here, and it will also be reformatted for transmission to the web server.
Before we can transmit to the web server, we need to compute a digital signature, or MAC, that's used for verification of the data, which ties into our whole authentication and data integrity. So we request a challenge from the web server and use this to prevent replay attacks, where old data would be reused by an attacker. Once we have our challenge, we’ll put that data, along with our sensor data, back into the DS2465, and when that’s combined with a secret shared between the controller and the web server, we’re able to generate our MAC. Your secret is always stored in the DS2465 secure memory and never leaves.
Once we have all of our data, we can send it out through our Wi-Fi connection. The web server is able to validate our signature and ensure that the data came from an authentic controller that's part of the system and can also verify that no errors were introduced and no tampering occurred with the sensor data. We’re now ready to fire this up and take a look.
To begin, we’ll insert an invalid sensor node that will tell if the DS28E15 is counterfeit or has not been programmed with the valid secret. As you can see, it is displayed locally that the sensor node is not authentic and the controller simply sends a message to the web server that indicates that an invalid sensor was detected. From there it returns back, prompting us to insert another sensor node. So, we’ll try again with a valid Maxim sensor node.
We’ll insert that, press provision, and you can see that our valid data is displayed here and on the web server.
You can shade this light sensor to change the sensor data, and you can see those changes reflected with the filter life of 61% here. You’ll notice that even though the filter life has remained at 61 and the temperature at 25 degrees, the MAC has changed and this is a result of our challenge that we received from the web server, which causes a constant rotation of the MAC value.
Next we’ll simulate what would happen if you used an invalid controller. By pressing the invalidate button once, we cause the controller to use an invalid secret, which is then reflected on the website. You can see the expected MAC did not match the MAC that was received from the controller and, therefore, the data was rejected by the web server. Pressing the invalidate button again returns to normal operation, and you can see that the MAC now matches the expected MAC again and the data was accepted and cataloged.
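The challenge-and-MAC exchange described above, as an added example that is not Maxim's mbed code: HMAC-SHA256 stands in for the DS2465's on-chip MAC computation, and the secret, the reading format and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample secret; on the real board it stays inside the DS2465.
SHARED_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")


class WebServer:
    """Server side: issues one-time challenges and checks the MAC on each post."""

    def __init__(self, secret):
        self._secret = secret
        self._outstanding = set()  # challenges issued but not yet used

    def new_challenge(self):
        challenge = secrets.token_bytes(16)  # fixed length, so challenge+data is unambiguous
        self._outstanding.add(challenge)
        return challenge

    def accept(self, challenge, sensor_data, mac):
        # Each challenge is valid exactly once, so a captured post cannot be replayed.
        if challenge not in self._outstanding:
            return False
        self._outstanding.discard(challenge)
        expected = hmac.new(self._secret, challenge + sensor_data, hashlib.sha256).digest()
        return hmac.compare_digest(expected, mac)  # constant-time comparison


def controller_mac(secret, challenge, sensor_data):
    """Controller side: MAC over challenge + sensor data (assumed stand-in for the DS2465)."""
    return hmac.new(secret, challenge + sensor_data, hashlib.sha256).digest()


def demo():
    server = WebServer(SHARED_SECRET)
    data = b"filterLife=61&temp=25"  # constructed reading
    c1 = server.new_challenge()
    m1 = controller_mac(SHARED_SECRET, c1, data)
    results = {"valid": server.accept(c1, data, m1)}
    results["replay"] = server.accept(c1, data, m1)  # same post sent again
    c2 = server.new_challenge()
    m2 = controller_mac(SHARED_SECRET, c2, data)
    results["mac_rotates"] = m1 != m2  # same reading, new challenge, new MAC
    results["tampered"] = server.accept(c2, b"filterLife=99&temp=25", m2)
    c3 = server.new_challenge()
    bad = controller_mac(b"\x00" * 16, c3, data)  # controller holding an invalid secret
    results["wrong_secret"] = server.accept(c3, data, bad)
    return results
```

Only the first post is accepted; the replayed post, the altered reading and the MAC computed with the wrong secret are all rejected by the server.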
There are a couple of key advantages to this design: The symmetric approach to authentication is easy to implement, as well as cryptographically sound. All cryptographic hash functions are handled by the DS2465, so minimal additional resources are required, which is great for IoT devices that are cost sensitive. Additionally, the DS2465 provides secure key storage for the secrets that are used in the authentication scheme and this means that your processor needs no secure memory or other security-related features, so it’s easy to implement this in an existing design.
All of our code has been made available on mbed for immediate use and download. If you’re using a platform board such as our MAX32600MBED, or any other mbed-enabled board, you should be able to get up and running very quickly. For more information, please visit the MAXREFDES143 page on our website, or on mbed.