There is an interesting piece on a collaboration between Microchip Technology and Amazon on a chip that’s designed to work with Amazon’s cloud services and protect connected devices from certain forms of attack.

According to the article, the two firms are marketing an add-on chip called the AWS-ECC508 that works with Amazon’s IoT Cloud, creating a cryptographically secure path between the IoT endpoint, cloud services and the end user.

From the article:

The AWS-ECC508 is designed to provide end-to-end security between the IoT device and the cloud infrastructure. It does this by leveraging Amazon’s mutual authentication system, which verifies the identity of the cloud service and the device before any data or commands are accepted. The identities are based on cryptographic keys. Until now, creating such cryptographic identities relied on the original manufacturer—typically a contract manufacturer working for a device company—securely generating the keys and then passing the keys securely along the manufacturing chain. Instead, the AWS-ECC508 can generate its own keys that Amazon will accept as authentic.

The new chips will use elliptic curve cryptography rather than the RSA algorithm, making them more power efficient without sacrificing security. The chip is also tamper resistant, Microchip engineer Eustace Asanghanwa told Spectrum.

IoT device manufacturers have been slow to address the problem, primarily “because they are always very sensitive about the cost” of adding better security, said Asanghanwa. “And this is especially true of manufacturers of products who do not see their products as critical. For example, if they are just making a lightbulb [they think] it’s not a critical component. If it fails, nobody is going to be harmed. But the truth of it is that once the device is connected, it’s not just the value of the device anymore that’s at stake. It’s the value of what that device is connected to,” says Asanghanwa.

The AWS-ECC508 is designed to address the cost/risk problem by providing high security at a (relatively) affordable price. In bulk, the chip will cost around $0.68 each.

To date, creating cryptographic identities was the business of OEMs, who generate keys in bulk, assign them to devices and then pass them along the supply chain. That can create problems, especially with unreliable supply chain partners. The AWS-ECC508, however, will generate its own keys that Amazon will accept as authentic.

