IoT Lotto: Utilizing IoT Devices in Brute-Force Attacks
This addresses a security threat where IoT devices could be exploited by malicious actors to compromise other systems, though it is incremental as it builds on existing brute-force attack concepts.
The paper tackles the problem of IoT devices being used as tools in brute-force attacks to break encryption keys of block ciphers, showing that with a sufficient number of devices, such attacks can succeed against large-key ciphers.
The number of IoT devices in use is increasing rapidly and so is the number of IoT applications. As in any new technology, the rapid development means rapid increase in security threats and attack surfaces. IoT security has proven to be challenging throughout the past few years. However, another challenging task is to prevent IoT devices from becoming a tool used by malicious attackers to break into other systems. In this paper, we present a conceptual design in which IoT devices are used as tools in brute-force attacks to break encryption keys of block ciphers. The proposed design shows that with adequate number of IoT devices employed in the attack, the attack can succeed in breaking large-key block ciphers.