First of all, we have to decide what we need to secure.
Well… That’s easy! Everything!
One could argue that, since the RBPi runs Linux, we could simply use TLS (what most people still call SSL) to secure Ethernet traffic and, therefore, Internet connections. There are also plenty of encryption libraries available, so one might think that nothing special is needed at all.
That could be true. But we are looking for strong, comprehensive security that protects not just the Ethernet port but every input/output on the RBPi, the file system included. Therefore, we want to secure the USB ports, the file system, I2C, the GPIOs …
We also want strong security, so we cannot rely on keys and certificates generated purely in software: their strength depends entirely on the entropy the operating system can gather, and a small headless board has very little of it, especially right after boot [2]. At the same time, this protection must not overload the RBPi's processor or destabilise its OS.
Once we decide to secure everything, here is what we need:
- A True Random Number Generator (TRNG) that draws its seed from physical white-noise sources with a very high entropy level.
- A hardware key generator that keeps the keys it produces internally [3], so private keys never leave the chip.
- A certificate generator that issues certificates based on the keys mentioned above.
- A secure file system protected with a key held inside the chip, so the data cannot be read without it.
- APIs/tools to encrypt and decrypt USB, Ethernet, I2C, etc. traffic using the internal keys and certificates.
- APIs/tools to check an application's certificate against the local ones, so unauthorised software cannot use the device.
[2] Truly random numbers are crucial for strong, secure keys and, therefore, for strong, secure certificates.
[3] Inside the cryptographic chip.
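To make the entropy requirement in the first bullet concrete, here is an added example (written for this page; it is not code from the original article or from any vendor's product) of the sanity checks a practitioner runs against a random source before trusting it: byte-level Shannon entropy plus the frequency (monobit) and runs tests from NIST SP 800-22, at NIST's usual significance level of 0.01. The samples are constructed: the "good" one is a deterministic SHA-256 counter stream standing in for a healthy source (it is not a TRNG), and the others are deliberately broken. On a Raspberry Pi you would feed the same functions bytes read from the kernel's hardware RNG device instead.

```python
"""Basic statistical checks for a random source (stdlib only, runs offline)."""
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte distribution, in bits per byte (max 8.0)."""
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def bits_of(data: bytes) -> list:
    """Unpack bytes into a list of bits, least significant bit first."""
    return [(b >> i) & 1 for b in data for i in range(8)]


def monobit_p_value(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test.

    Compares the number of ones with the number of zeros; a biased source
    gets a p-value near 0. A p-value of 1.0 means perfectly balanced.
    """
    bits = bits_of(data)
    n = len(bits)
    s_obs = abs(2 * sum(bits) - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def runs_p_value(data: bytes) -> float:
    """NIST SP 800-22 runs test.

    Counts how often the stream switches between 0 and 1 and compares that
    with the expectation for independent bits. Too few runs means a sticky
    source, too many means oscillation (e.g. 0101...), which the monobit
    test alone cannot see.
    """
    bits = bits_of(data)
    n = len(bits)
    pi = sum(bits) / n
    # Prerequisite from the spec: the proportion of ones must already be
    # close to 1/2; otherwise the test does not apply and we report failure.
    if abs(pi - 0.5) >= 2 / math.sqrt(n):
        return 0.0
    runs = 1 + sum(1 for i in range(1, n) if bits[i] != bits[i - 1])
    numerator = abs(runs - 2 * n * pi * (1 - pi))
    denominator = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(numerator / denominator)


def assess(data: bytes, alpha: float = 0.01, min_entropy: float = 7.5) -> dict:
    """Run every check; 'passed' is True only if all of them are satisfied.

    alpha is the significance level for the statistical tests (NIST uses
    0.01); min_entropy is the lowest bits-per-byte figure we accept for
    samples of a few KiB (an ideal source gives just under 8.0).
    """
    result = {
        "entropy_bits_per_byte": shannon_entropy(data),
        "monobit_p": monobit_p_value(data),
        "runs_p": runs_p_value(data),
    }
    result["passed"] = (
        result["entropy_bits_per_byte"] >= min_entropy
        and result["monobit_p"] >= alpha
        and result["runs_p"] >= alpha
    )
    return result


# Constructed samples (not captured from any real device), 8192 bytes each:
# GOOD_SAMPLE       - SHA-256 in counter mode; looks random to these tests but is
#                     only a stand-in for a healthy source, not a TRNG.
# WEAK_SAMPLE       - a 16-byte pattern repeated: the high nibble never changes,
#                     so only 4 of the 8 bits per byte carry anything.
# ALTERNATING_SAMPLE- 0x55 repeated: exactly half ones, so monobit passes, but the
#                     bits strictly alternate, which the runs test rejects.
# STUCK_SAMPLE      - all zeros, the classic signature of a dead noise source.
GOOD_SAMPLE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
WEAK_SAMPLE = bytes(range(16)) * 512
ALTERNATING_SAMPLE = b"\x55" * 8192
STUCK_SAMPLE = bytes(8192)

if __name__ == "__main__":
    samples = [("good", GOOD_SAMPLE), ("weak", WEAK_SAMPLE),
               ("alternating", ALTERNATING_SAMPLE), ("stuck", STUCK_SAMPLE)]
    for name, sample in samples:
        print(f"{name:12s} {assess(sample)}")
```

On a Raspberry Pi the kernel exposes the SoC's hardware RNG as /dev/hwrng, so `assess(open("/dev/hwrng", "rb").read(8192))` applies the same checks to the real source. Treat these as quick sanity checks that catch a stuck or patterned generator; they do not replace the full SP 800-22 suite or SP 800-90B entropy estimation, and the claim "very high entropy" ultimately rests on the chip's design and its independent certification, not on a few statistics.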
At the end of the day, why should you trust this kind of product?
In security, the manufacturer's claims have to be verified by an independent third party. The chosen device should therefore be FIPS 140-2 Level 2 certified, which, beyond validated algorithms, requires tamper-evident physical protection of the cryptographic module.
- Does it seem very complicated?
- Don't know who can assist you with confidence?
- Have no time to develop it?