kocher cryptoandches invitedlecture 2016 finalethereum home depot european central ebay 000.000...
TRANSCRIPT
• •
••••••••••••
•
•
•
<->
•
◦••
•
•
•
•
•
••
•
•
•
•
•
•
•••
•
•
•
•
8 elements -> 28 interactions
4 elements -> 6 interactions1 doublingMoore’s Law ~18mos
••••••
Traditional Future (IoT…)Product vendor security expertise deep limitedSecure product lifespan 5-10 years 20-50+ yearsUser attention to security per device high-ish low/noneUser tolerance for security/reliability issues high low/noneConnected to physical world no yesNumber of software platforms small hugeOn-device security tools ubiquitous usually noneVendors can afford monitoring & patching yes no
Defenses have failed to scale to today’s needs.IoT security is much harder
00401880 push ebp00401881 mov ebp,esp00401889 push 00040188B call 004019b000401890 add esp,400401893 jmp 004018d100401898 push eax00401899 call 004018e00040189E add esp,4
0.01
0.1
1
10
1945
1948
1951
1954
1957
1960
1963
1966
1969
1972
1975
1978
1981
1984
1987
1990
1993
1996
1999
2002
2005
2008
Note: Logarithmic scale
•••••
•••••••
•
•
•••
••••
•
•••
•••
•••••
••
••
Time
Benefit
from f
eature
sRis
k from
comp
lexity
Value
(benef
it –risk
)
•
•
•