2

Iota is intended to be deployed on IoT devices.

A problem with IoT devices is that they are placed in insecure locations, allowing attackers to gain physical access and perform advance/prolonged attacks without detection.

Under these condition, an attacker can obtain the seed and hence masquerade as the device.

I can't see anything in Iota that prevents this. Are there any mechanisms in place?

Helmar
  • 1,293
  • 1
  • 15
  • 28
Cybergibbons
  • 305
  • 1
  • 6
  • 1
    At least related: https://iota.stackexchange.com/questions/697/could-a-sensor-be-hacked-to-steal-the-money-in-its-wallet – Helmar Jul 15 '18 at 19:42
  • 1
    IMO, this out of scope (Iota is just the protocol). Better ask this kind of question on https://iot.stackexchange.com/ or https://security.stackexchange.com/ – ben75 Jul 16 '18 at 19:54
  • I can't see anywhere that says that Iota is just a protocol - it's an ecosystem according to the foundation, no? Device capture is a big issue in IoT and distributed systems. Does Iota do anything to solve this? – Cybergibbons Jul 16 '18 at 20:56
  • "IOTA is a protocol that achieves consensus on the state of matters in a network." from iota.org. Iota, as a protocol, don't use the concept of seed. Similarly, the Bitcoin protocol don't say anything about the way to keep your keys secure. I just say that you shouldn't expect anything at protocol level regarding this issue. Security in IOT devices isn't specifically related to Iota, it's a more general problem. – ben75 Jul 16 '18 at 21:40
  • Yet here: https://blog.iota.org/iota-first-chapter-synopsis-506fdf874437

    "this ‘second stage’ is all about taking advantage of IOTA’s modular lightweight nature by extending usability through modules/platforms built on top of the underlying IOTA fundament."

     – Cybergibbons Jul 18 '18 at 09:54

0 Answers0