In my last blog in my Internet of Things (IoT) security solutions series, I outlined considerations when using public key infrastructure (PKI) in hardware and large scale deployments for IoT devices. The industry needs a solution that can provide the robust security that PKI provides but abstracts away the technical and logistical complexities.
Most attempts at this were done by companies trying to address the security issue from within their own market vertical, with limited collaboration across the separate parts of the supply chain. As a result, these solutions are only partially successful at best.
Read on for my tips on how a PKI implementation can be tailored to provide robust IoT device security at scale.
You can also download my free white paper, “Internet of Things Security: Implement a Strong, Simple & Massively Scalable Solution” for a deep dive on security architecture fundamentals and best practices that simplify the implementation of strong, enterprise-grade security into small IoT devices.
Reducing PKI Implementation Complexity
Although a typical PKI implementation has its own certificate policy, profile and other security specifications unique to the requirements of that ecosystem, the reality is that most IoT applications don’t require this level of customization.
Enterprise PKI solutions tend to provide the “Cadillac” version of software and systems, which is highly customized to a client’s specific needs. When you’re dealing with a multi-billion dollar bank or global corporation, that makes sense. For IoT, that approach is neither economically or technically feasible.
As such, a pre-established PKI that encompasses a multi-vendor ecosystem is more appropriate. In this case, a standard is established that covers the needs of a broad range of adopters. A PKI implementation is created based upon this standard and all adopting manufacturers simply need to use certificates issued from that PKI. This creates much greater efficiencies and economies of scale because the costs of creating the PKI implementation are spread out among many companies who share the benefits of the common ecosystem PKI.
Certificates in Secure Chips
Advances in semiconductor miniaturization have made it possible to create chips specialized in cryptographic key storage and mathematical operations. In addition to being physically small to save circuit board space, they include physical and electronic protection mechanisms to prevent unauthorized access to private keys. They are commonly referred to as secure elements.
Private keys stored in secure elements are literally inaccessible once locked. You cannot electronically access the memory slots, and the chips themselves include features such as extra metal layers that prevent chip decapping and micro-probing of memory cells to extract keys.
The co-processing capability is critical for small IoT devices because the math behind cryptographic authentication can be computationally intensive. By offloading the cryptographic operations to the secure element, the use of a very simple main microcontroller will save cost and simplify the design.
In addition to the ability to perform advanced crypto functions in a few tens of milliseconds, this technique also saves code space and power. The crypto functions are hard-coded in the secure element, which means those functions do not need to be included in the main firmware code, thereby reducing memory requirements. Because the hardware is optimized for performing cryptographic math, it completes these functions far faster. Less compute time equals fewer clock cycles, and fewer clock cycles equal less power used.
Once the authentication and crypto operations are complete, the secure element goes to sleep and draws current only on the scale of nanoamperes.
Drawing upon the pre-established PKI ecosystems referenced in the previous section, it is now possible to pre-provision keys and certificates into these secure elements. By doing so, you have now reduced the implementation of PKI and digital certificates in a small device to a line item in a bill of materials (BOM). The cryptographic math is baked in, as are securely stored keys and the digital certificate. You add the secure element with its digital certificate on the I2C bus next to your host microcontroller, add a small library/SDK to your firmware, and you’re done!
Once the implementation is complete, you have now placed enterprise-grade security into an IoT device. Each device has a unique, cryptographically verifiable identity. You can verify that the certificate is authentic because the digital signature prevents the data from being altered. The securely stored private key proves that the certificate corresponds to the device that sent it. On top of that, this is a method that can be rapidly scaled to billions of units, if needed.
Now that there’s a cryptographic identity embedded in every device, what can you do with it? Stay tuned for my final blog post in this series, we’ll I’ll talk about automated secure device commissioning, access control and more.