EE Times notes some interesting product news involving chip maker ATMEL and Amazon, aka “the IoT’s back end.” According to the report, Amazon is partnering with ATMEL’s parent company, Microchip, to enable seamless provisioning of IoT devices with end to end encryption.
The partnership will marry Microchip’s Atmel’s ECC508 chip to marry the company’s “Zero touch” platform with Amazon’s new(ish) “Just in Time Registration” service, which streamlines device activation.
The partnership is designed to address some noted problems with secure IoT deployments. Namely: key generation on low power IoT devices, securing keys throughout long and complex manufacturing chain, securing communications between the IoT endpoint and the (cloud ) management server and then securing and managing the endpoint throughout its life.
The ECC508 is designed to address a number of those challenges. It uses elliptic curve cryptography and is tamper resistant, with defenses against “microprobe, emissions analysis, timing, and other attacks.”
Behind the scenes AWS;s Zero-touch secure provisioning platform streamlines authentication of devices trying to connect to AWS. “Microchip has worked with AWS to ensure that reliable mutual authentication between AWS and a device designed using the Zero-touch platform is quick and automatic,” EE Times reports.
The key benefits are that OEMs using the Atmel/AWS model will not need to generate keys for their products externally and then figure out how to secure them throughout the manufacturing and supply chain. Instead, an OEM can operate a root certificate authority (CA) of their own, signing a one-time intermediate CA to generate customer-specific production signers that Microchip will register with AWS for the OEM’s future use.
The OEM can then automatically generate and sign individual device certificates for each part of a device with an ECC508 chip in place. “When the device containing the part first tries to connect to AWS, everything will be in place for mutual authentication and private key generation to take place automatically.” In other words, using the ECC508 chip enables OEMs to leverage a secure identity infrastructure for uniquely identifying components of an IoT product.
Check out the whole article here: End-to-End IoT Security Simplified | EE Times