End-to-End IoT Security Simplified – EE Times

August 26, 2016

SEATTLE — Securing an IoT device’s communication with cloud services from end to end can be a daunting challenge. One of the biggest problems is the assignment, protection, and management of public decryption keys and certificates for authentication of deployed devices. To simplify those efforts for developers, Microchip in conjunction with Amazon Web Services (AWS) has developed a secure provisioning platform and associated support chip that streamline IoT security.

OEMs creating IoT devices, particularly for business and industrial apps, will need to ensure the security of the devices’ connections to their web servers. But ensuring security requires more than simply supporting encryption in the design, Microchip’s product marketing engineer Eustace Asanghanwa explained in an interview with EE Times. Encryption depends on the use of keys, which must themselves be kept safe if the communications are to be trustworthy. It is the generation, sharing, and management (including protection) of these keys that create the challenges for IoT OEMs.

Some of the key challenges OEMs face, Asanghanwa said, include securely generating a unique key for each device, protecting the confidentiality of keys throughout the manufacturing chain, ensuring that device end users can readily establish a trustworthy connection to the web server, and protecting the device keys throughout the device’s operating life. Current solutions to these challenges, Asanghanwa added, involve costly equipment and logistics, including installing expensive hardware security modules, using secure rooms in factories, and conducting periodic factory security audits.

The recently released Microchip ECC508 seeks to relieve OEMs of such burdens when designing devices to work with AWS. The devices connect to a host processor over I2C and handle all the encryption and security protocol tasks using elliptic curve cryptography (ECC), the ECDH (elliptic curve Diffie-Hellman) security protocol, and ECDSA (elliptic curve digital signature algorithm) sign-verify authentication. The ECC508’s attributes include internal generation of unreadable, device-unique private keys, tamper resistance, and features to defend against microprobe, emissions analysis, timing, and other attacks.

The ECC508 parts, Asanghanwa noted, are just one element of the company’s AWS Zero-touch secure provisioning platform, which works in conjunction with the AWS Just in Time Registration of device certificates for authentication of devices trying to connect to AWS. To simplify OEM logistics, Microchip has worked with AWS to ensure that reliable mutual authentication between AWS and a device designed using the Zero-touch platform is quick and automatic.

Microchip's Atmel subsidiary makes the ECC508 available in a variety of package types. (Source: Microchip)


Because key generation occurs within the ECC508 parts, OEMs need not externally generate keys for their products and secure them throughout the manufacturing and supply chain, Asanghanwa pointed out. Instead, the OEM works from a root certificate authority (CA) and signs a one-time intermediate CA to generate customer-specific production signers that Microchip will register with AWS for the OEM’s future use. When subsequently filling the OEM’s order for ECC508 parts, Microchip will automatically generate and sign individual device certificates for every part. When the device containing the part first tries to connect to AWS, everything will be in place for mutual authentication and private key generation to take place automatically. The secure production of IoT products by an OEM, then, boils down to soldering the ECC508 part onto their board.
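The hierarchy described above (root CA, production signer, per-device certificate), reproduced locally with the openssl CLI as an added example; it is not Microchip's or AWS's tooling, and every function name, subject and file name in it is hypothetical. The device key is generated in software only as a stand-in for the key the ECC508 generates internally, and the final check is a local chain verification, not a call to AWS.

```shell
#!/bin/sh
# Constructed demo: root CA -> production signer -> device certificate (all P-256).
# Names, subjects and file names are hypothetical. The device key is made in software
# here only as a stand-in for the private key that never leaves the secure element.
newkey() { openssl ecparam -name prime256v1 -genkey -noout -out "$1.key"; }
newcsr() { newkey "$1" && openssl req -new -key "$1.key" -subj "$2" -out "$1.csr"; }
# sign <subject-name> <issuer-name> <extension-file>: issue a certificate from a CSR
sign() {
    openssl x509 -req -in "$1.csr" -CA "$2.crt" -CAkey "$2.key" -CAcreateserial \
        -days 365 -sha256 -extfile "$3" -out "$1.crt" 2>/dev/null
}
# selfsign <name>: make a self-signed CA certificate
selfsign() {
    openssl x509 -req -in "$1.csr" -signkey "$1.key" -days 365 -sha256 \
        -extfile ca.ext -out "$1.crt" 2>/dev/null
}
# chain_ok <leaf> <intermediate>: does the leaf chain to the OEM root via that signer?
chain_ok() {
    openssl verify -CAfile root.crt -untrusted "$2.crt" "$1.crt" >/dev/null 2>&1
}
# Builds the genuine chain, plus a "rogue" signer the OEM never authorised that reuses
# the real signer's name and issues a certificate for a cloned device ID.
build_demo_pki() {
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > ca.ext
    printf 'basicConstraints=critical,CA:FALSE\nkeyUsage=critical,digitalSignature\n' > dev.ext
    newcsr root   "/O=Example OEM/CN=Example Root CA"   && selfsign root &&
    newcsr signer "/O=Example OEM/CN=Production Signer" && sign signer root ca.ext &&
    newcsr device "/O=Example OEM/CN=device-0001"       && sign device signer dev.ext &&
    newcsr rogue  "/O=Example OEM/CN=Production Signer" && selfsign rogue &&
    newcsr clone  "/O=Example OEM/CN=device-0001"       && sign clone rogue dev.ext
}
# Returns 0 only if the genuine device verifies and the cloned identity is rejected.
run_demo() (
    workdir=$(mktemp -d) && cd "$workdir" || exit 2
    build_demo_pki || exit 2
    genuine=1; cloned=1
    chain_ok device signer && genuine=0
    chain_ok clone rogue && cloned=0
    cd / && rm -rf "$workdir"
    [ "$genuine" -eq 0 ] && [ "$cloned" -ne 0 ]
)
run_demo && echo "genuine device verified; cloned identity rejected"
```

The clone carries the same subject and issuer names as the genuine device certificate, so only the signature check against the real signer's key tells them apart.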

While key generation and device certificate registration with the web server are no longer OEM concerns, key management is still either the OEM’s or the end user’s responsibility. Microchip will provide the OEM with information allowing identification of parts that go missing in the production process or have been counterfeited, and has mechanisms that allow the de-certification of parts by whole manufacturing lots down through individual part numbers to help maintain brand integrity. Similarly, AWS can provide information about attempts to re-use device IDs or the registration of devices outside of expected geographic regions, to help prevent cloning.

Microchip offers development kits as well as parts with generic identities for prototyping and pilot production before OEMs need to commit to the production provisioning process.

Rich Quinnell covers industrial control for EE Times. Contact him at richard.quinnell@aspencore.com.