1. Big Crypto
Create transparent sensor-to-cloud encryption suitable for common
microcontrollers used by makers.
Securing mobile medical applications one device at a time
Total Beneficiaries Spoken To: 108
2. Team Members
Team Member
Nicholas Albanese Wenchen Wang Brandon Contino Ziyue Sun
Academic Program
Electrical
Engineering
(Undergrad)
Computer science
(PhD)
Electrical
Engineering
(Undergrad)
Mechanical
Engineering
(Master's)
Relevant
experience
Knows government
agencies and their
standards
Fault tolerant
wireless networks
and protocols
Circuit Designer,
Maker
Researches on
nonlinear controls
and human robotics
Sponsors: Matt Fante, NSA
Mentor: Dr. Dickerson, Samuel J, University of Pittsburgh
4. Value
Proposition
Buy In & Support BeneficiariesKey Activities
Deployment
Key Resources
Key Partners
Mission AchievementCost Structure
-Standard Definers
*NSA: sponsor
-Our Mentor
*Dr. Sam Dickerson
-Influential Makers
* Chad Elish,
President HackPGH,
member of Nation of
makers
-RFID
*Steve Halliday, CEO
high Tech AID,
important member in
the RFID community
- Leveraging Simon
and Speck
*Developing a way to
interface with Simon
and Speck for
encryption
- Create a mutual
authentication protocol
*Develop a way to
create handshaking
- Encryption Algorithm
*Simon and Speck
-Microcontroller
*Arduino, Teensy, etc
-Network Hardware
* Xbee, GSM,
Bluetooth, 802.11, etc
-Communication
Protocol
- Encryption Communication
* protects the data in transit
-Ease of usability
* Enables many makers to
quickly add encryption to their
projects
-Mutual authentications
*Prevents unauthorized
accessing of data or
manipulation
- Transparency
* Makers “make” stuff mostly
for learning how it works. The
security will be transparent so
they can learn how it works
- Influential makers
* Leverage influential
makers to help
“advertise”
- Maker magazines and
channels
* Another way to promote
e.g. Instructables
- Code Repositories
e.g. Github
-Product website
* Could make a page for
the product
Example projects
* Can exhibit example
projects on sites
- Makers
* Chad Ellish, Jon Lewis,
Simon Health, Scott
Hamilton
- NSA
* Sponsor
- Encryption solution -Micro-controller - Servers
- A standard is created
There is a common method
for implementing secure
communications on MCUs
5. First MVP
General Sensors
Open Source Library
Cloud
Encrypted Data
Micro-controller1 Micro-controller2 Micro-controller3
Shield
Transparent
$$$$
Authentication
6. Not Solely a Technical Problem
Makers/ public do not care about encryption
Some solutions do exist
12. - Enable Developers to Quickly
and Easily Implement Lightweight
Encryption on Their Wireless
Devices
- Customizable solutions for
different applications
Value
Proposition
Buy In & Support BeneficiariesKey Activities
DeploymentKey Resources
Key Partners
Mission AchievementCost Structure
- NSA Encryption
Experts
- Center for
Internet Security
- Internet
Engineering Task
Force (IETF)
- Leveraging Big Crypto
Website
- Big Crypto Website
- NSA Adoption: Linda
Burger
- Maker Community
Utilizes Site
- DoD Adoption: Prove
validity through NSA
- Custom Made Company
Website Online
- Connecting with
Agencies In Person and
Over the Phone
- NSA - Information
Assurance
- NSA/DoD Sensor
Developers
- Server Cost
- Developer Wages
- Easy to use encryption standard that can be deployed for mission
application
13. Value
Proposition
Customer
Relationships
Customer
Segments
Key Activities
ChannelsKey Resources
Key Partners
Revenue StreamsCost Structure
- Developers who
have developed
lightweight
encryption libraries
- Influential Makers
- Cloud Services
- NSA for
Encryption
Algorithm
Research
- Maintain libraries
- Easy to use interface
- Create tutorials
- Establish a strong
following
- Encryption Libraries
- Code Repositories
- Encryption Algorithm
- Quickly and easily implement
encryption through easy to use
libraries with extensive, but easy
to use tutorials
- Provide visibility to library
- Increase use of cloud service
- Virtual Communication
Support
- Virtual meetings to
discuss library
performance
-Virtual and in person
meetings to discuss cloud
integration
- Website
- Code Repositories
- Example Projects on
Maker Sites
- Developers who Utilize
Wireless Communications
- Developers who want
more people to use their
libraries
- Cloud Solutions who
want their services easily
integrated
- Server Cost
- Developer Wages
- Testing Costs
- Advertisements on the Website
- Optimized versions of the lightweight encryption algorithm
- Consulting Appointments
14. How Can We Make a Website Sustainable?
Acquire Activate
17. Back of the Envelope Research
1 million American use insulin pumps - 20% (200,000) use Omnipod
per year spent buying MCU’s and transceivers
at Omnipod alone
$120,000,000
18. Why making chips may not work
Issues needed to be considered:
● Do medical device developers want to
make changes to their hardware?
● Can we differentiate ourselves from giant
companies?
● Is it economically feasible?
24. Open Source Library Educate the Public Website w/Libraries
Encrypted Chips
Encryption Software
Optimized for Medical
Devices
Communication
System Design
Services
26. Mission Achievement
How is this going to achieve what the
NSA wanted in the first place?
They wanted to work on improving
IoT cyber security for IA and
possible DoD applications
We will be improving cyber security in
the medical field, and the transition
over to other uses is not that big a
jump
27. Moving Forward
Disclaimer: All material presented was of the views of the Big Crypto team and by no way is a view of the team's sponsor or the University.
Hinweis der Redaktion
Z can you copy over all the original mission model canvas things
Z can you copy over all the original mission model canvas things
Z can you copy over all the original mission model canvas things
The back of the envelop research is what really sold the team on our huge pivot so late. The idea of making software to sell to the companies seemed viable. Talked to a few developers who talked about product development and
These devices were secured by obscuring what anyone knew about it
Not a good way to do it because if hacked, all of their systems are compromised
Through discovery, learned that:
Legal reasons keep companies obscuring it because of the FDA standards
Improvements in cyber security were not making their way into the medical device because of the gap the FDA standards create