Problem: There is no standards based, mass deployable IoT device and app security method available for low end IoT devices such as meters & lights.
Solution: SIMbaeTM Block Encryption Engine upgrade
- This technique transfers data blocks up to a few kilobytes (dependent on SIM-based RAM available to SIMbae) using standard SIM toolkit commands
- The majority of low bandwidth IoT devices do not require streaming communications meaning block communication is acceptable
- The only application integration required is a few lines of code to call a standard SIM Tool Kit (STK) command making this an easy upgrade for existing device designs
- It is deployable using ciphers and protocols that can run on Java Card 2.x (currently deployed on almost all SIMs), such as SCP11, Speck, or ChaCha, amongst others
Advantages:
- Most IoT devices have processors selected for their cost, not security, resulting in zero security.
- All keys, certificates, and ciphers reside in a standard, secure element (the SIM), in which billions have been deployed and are already in all IoT devices connected to the mobile network. Using the standard SIM reduces HW component end-of-life, redesign, and certification risks and costs.
- This allows companies to continue developing or upgrading the existing cost-optimized IoT devices while including a “good enough” security level, which is rarely found today.
- Forward and backward compatibility of SIMs makes the solution future proof.