NIST seeks industry help to secure tiny IoT medical devices | Health Data Management
Cryptography experts specializing in secure communications at the National Institute of Standards and Technology are looking for ways to protect data created by tiny networked devices that are being used in Internet of Things applications and projects.
These tiny IoT devices, which include sensors, actuators (components of a machine that move or control a mechanism or system) and other micromachines will need a new class of defense mechanisms against cyberattacks.
The devices will work on scant electrical power and use less complex circuitry than chips found in the simplest cell phone, according to the NIST. Some of these small electronics exist today, such as in the keyless entry fobs to turn on cars.
NIST has sent out a call for a project to develop ways to secure data in a constrained environment and seeks help in developing requirements and guidelines. The agency released a draft document, available here, to the software community and will soon make a formal request to developers to produce appropriate encryption algorithms.
“The IOT is exploding, but there are tons of devices that have nothing for security,” says Kerry McKay, a NIST computer scientist. “There’s such a diversity of devices and use cases that it’s hard to nail them all down. There are certain classes of attacks to consider and lots of variations. Our thinking has to be broad for that reason.”