jedidia
shoemaker without legs
Stackexchange is a good platform to get answers, but not the best platform to get explanations when you're a bit slow on the uptake. So I'm taking this thing here. The situation described in the following is purely hypothetical, and does not in any way reflect the reality of an impending product launch and poor overchallenged me ending up being the most knowledgable person about cyber-security in the company at the moment. Of course not, that would be kind of stupid. Right? :shifty:
Who am I kidding, I'm screwed. Would be glad for a bit of help here...
So, here's the situation:
There's some raspberry pi's that communicate with an MQTT broker via an SSL-encrypted chanel. The whole thing is a two-ways handshake, which means both the server and the pis are carrying the same public CA. Everybody involved has an individual private and public key signed by the private key of that CA, but the private key of the CA is under lock and store, nowhere near any of the involved parties.
The private and public keys are also unique for every pi. The server can tell who's knocking by the certificate it gets, and I can tell it via a revocation list to just ignore a client if it gets compromised.
The exact same scheme is used to communicate inside a VPN for remote maintenance, though with different keys.
The problem, in the end, are the SD-cards in the pis. I'm loath to encrypt them, because the poor thing alredy has to bear a heavy load, especially when it comes to disk operations. So I wonder what could possibly happen if somebody grabs the SD-card and gets a hold of the keys on there. From my standpoint of limited knowledge, I can just revoke that specific certificate on the server side, and the whole thing becomes pretty useless for hacking into the system as the server won't talk to a client with that certificate anymore.
The guys on stack exchange seem to be of the oppinion that it would still leave the system open to MiTM-attacks, and that, depending on the nature of the public CA, it might even be usable to signing new certificates. I can accept those answers, but I'd like to understand why and how, and I get the feeling that we're starting to go in circles over there, and the comments section of stack exchange isn't supposed to be used as a forum in the first place, so I feel like our resident experts on OF (experience tells me that OF has at least one actual expert on almost anything) might do a better job explaining to me how the certificates in this setup could still be used to harm the system.
Who am I kidding, I'm screwed. Would be glad for a bit of help here...
So, here's the situation:
There's some raspberry pi's that communicate with an MQTT broker via an SSL-encrypted chanel. The whole thing is a two-ways handshake, which means both the server and the pis are carrying the same public CA. Everybody involved has an individual private and public key signed by the private key of that CA, but the private key of the CA is under lock and store, nowhere near any of the involved parties.
The private and public keys are also unique for every pi. The server can tell who's knocking by the certificate it gets, and I can tell it via a revocation list to just ignore a client if it gets compromised.
The exact same scheme is used to communicate inside a VPN for remote maintenance, though with different keys.
The problem, in the end, are the SD-cards in the pis. I'm loath to encrypt them, because the poor thing alredy has to bear a heavy load, especially when it comes to disk operations. So I wonder what could possibly happen if somebody grabs the SD-card and gets a hold of the keys on there. From my standpoint of limited knowledge, I can just revoke that specific certificate on the server side, and the whole thing becomes pretty useless for hacking into the system as the server won't talk to a client with that certificate anymore.
The guys on stack exchange seem to be of the oppinion that it would still leave the system open to MiTM-attacks, and that, depending on the nature of the public CA, it might even be usable to signing new certificates. I can accept those answers, but I'd like to understand why and how, and I get the feeling that we're starting to go in circles over there, and the comments section of stack exchange isn't supposed to be used as a forum in the first place, so I feel like our resident experts on OF (experience tells me that OF has at least one actual expert on almost anything) might do a better job explaining to me how the certificates in this setup could still be used to harm the system.
