Why Is Key Rotation Important to Deployed IoT Devices?

Posted on Nov 22, 2022 by John Weil


Key rotation limits how much information can be exposed or unknowingly compromised, and it makes systems more resilient when breaches inevitably occur. For deployed IoT devices, key rotation is essential. Here’s why.

When people think about encryption, they tend to think of HTTPS, which establishes a secure internet connection with users. But in the complex, digital world of today, the Internet of Things demands mutual authentication. In short, devices can easily connect to a trusted server, but servers also have to confirm that the device is trusted.

Trust in the technical space comes in the form of encryption, and keys are the literal keys that open and close the doors to authentication. But, like any key, these elements have to be kept safe and maintained — they have to be rotated.

Asymmetric vs. Symmetric Encryption

Encryption is the process of encoding information, meaning that plaintext is converted into ciphertext that only authorized parties can access and read. There are two types of encryption in use: asymmetric and symmetric.

Symmetric encryption uses one key both to encrypt and to decrypt the message. This mode is less secure than asymmetric but is easier to use.

Asymmetric encryption, on the other hand, uses two different keys, one public and one private (one to encrypt, one to decrypt). Asymmetric encryption requires more time than symmetric, but is significantly more secure.

Asymmetric is typically used to transfer smaller amounts of data compared to symmetric encryption, and the length of the key used for asymmetric encryption is larger than that of symmetric (2048+ bits versus 128 or 256). Perhaps the most striking difference, though, is that symmetric only provides confidentiality to users, whereas asymmetric offers confidentiality, authenticity, and non-repudiation.

Why Does Encryption Matter?

Encryption keys are critical to protect information from hackers and ensure that data is shared only with desired users. The keys themselves have to be protected too.

Nowadays, with the cloud and devices working together more often, there has to be robust trust between the two to stop unencrypted traffic. The most effective way to realize this trust is with continuous software updates — these aren’t solely about sending new features to devices, but about running something that needs to be updated. Naturally, during the update process, users need to take care that no security vulnerabilities arise, particularly around encryption.

What is TUF?

The Update Framework (also known as TUF) is a model to help protect how software is automatically updated and downloaded. Its prime focus is to shield software repositories from malicious actions, and it does so by providing robust security, even if encryption keys become compromised.

TUF takes on a number of roles but essentially defends the root key, which is the ultimate level of trust in the TUF chain. Root keys delegate trust to other roles, resulting in other, less secure keys that start floating around. If there’s a problem with one of those keys, the root key is updated and the affected key is eliminated. TUF helps maintain control of the root key, regardless of other keys’ status.

Other TUF responsibilities include timestamps, where the device looks at the timestamp file, and snapshots, which are similar to a timestamp but point at target keys.

It’s important to remember that TUF was built to fail; the idea is that if something goes wrong, users can fix it and recover. Still, we recommend rotating the TUF key once a year for good technical hygiene and to ensure clarity around the process of doing so. In smaller companies, there should be a designated tech team to carry out the rotation, while larger companies can have multiple teams tasked with the rotation.
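The root rotation described in this section, as an added example that is not code from Foundries.io or from the TUF project: a device accepts a new root only when it is the next version and is signed by a threshold of the keys it already trusts as well as of the keys the new root lists. The `Root` type, the key IDs "A" and "B", and plain JSON as the signed encoding are simplifying assumptions, and all keys are constructed inside `Demo`.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// Root is a simplified stand-in for TUF root metadata, not the real wire format.
type Root struct {
	Version, Threshold int
	Keys               map[string][]byte // key ID -> ed25519 public key
}

// valid counts the keys listed in trusted that correctly signed r.
func valid(trusted, r Root, sigs map[string][]byte) (n int) {
	msg, _ := json.Marshal(r) // map keys are sorted, so the encoding is stable
	for id, pub := range trusted.Keys {
		if len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, msg, sigs[id]) {
			n++
		}
	}
	return n
}

// VerifyRotation accepts next only as version cur+1, signed by a threshold of
// the keys in the currently trusted root and of the keys next itself lists.
func VerifyRotation(cur, next Root, sigs map[string][]byte) bool {
	return next.Version == cur.Version+1 && next.Threshold >= 1 &&
		valid(cur, next, sigs) >= cur.Threshold && valid(next, next, sigs) >= next.Threshold
}

// Demo uses constructed keys: A is rotated out for B, then A tries to return.
func Demo() (rotated, unauthorized, retired bool) {
	pubA, privA, _ := ed25519.GenerateKey(nil)
	pubB, privB, _ := ed25519.GenerateKey(nil)
	v1 := Root{1, 1, map[string][]byte{"A": pubA}}
	v2 := Root{2, 1, map[string][]byte{"B": pubB}}
	v3 := Root{3, 1, map[string][]byte{"A": pubA}}
	m2, _ := json.Marshal(v2)
	m3, _ := json.Marshal(v3)
	sigAB := map[string][]byte{"A": ed25519.Sign(privA, m2), "B": ed25519.Sign(privB, m2)}
	rotated = VerifyRotation(v1, v2, sigAB) // old and new key both sign
	unauthorized = VerifyRotation(v1, v2, map[string][]byte{"B": sigAB["B"]})
	retired = VerifyRotation(v2, v3, map[string][]byte{"A": ed25519.Sign(privA, m3)})
	return
}

func main() { fmt.Println(Demo()) }
```

Once the device trusts version 2, a signature from the retired key A no longer counts toward any threshold, which is what makes rotating a suspect key out effective.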

Key Rotation Best Practices

Just as passwords should be updated, encryption keys should be rotated. Key rotation means creating a new version of a key, and it should be done often to reduce the “cryptoperiod” — the time in which the key is authorized for use. Key rotation also makes sense when there’s a personnel change in the technical team, when processes malfunction, or when a security issue has arisen.

Key rotation can be done either manually or as part of a rotation policy. If you want to have more control over the rotation of your root key, opt for the former. Manual rotation is when you create a new key and update applications to reference that specific key. The process can be done using support tools, and generally allows for up to one rotation per hour.

A rotation policy, meanwhile, is when root keys are updated without input from the user, and it can run across intervals of 30 days over a year. If at any point you choose to manually reset the key rotation, the policy timeframe will then operate from the date of intervention.

Need help with your key rotation efforts? Want to set up an automated, accurate key rotation policy? Try a free 30-day Foundries.io trial, and unlock the most sophisticated security for your business.
