Bring your own key for the industrial Internet of Things

摘要

High tech strategies such as Industry 4.0 and Smart Manufacturing require industrial devices to be connected to the Internet. This movement towards interconnected industrial devices poses significant security risks as confidential data must be transferred and stored using untrustworthy channels and cloud servers. End-to-end private key cryptography is suitable to protect the confidentiality, integrity, and authenticity of data. However, private key cryptography has some drawbacks such as the so-called key distribution problem. A possible solution, factory installed keys, are untrustworthy as the two partners relying on end-to-end cryptography can not be sure that no other party is in possession of the used keys. To overcome these problems, the Bring Your Own Key (BYOK) principle based on Near Field Communication (NFC) and dedicated secured hardware is presented in this paper.