Tag Archives: CryptoAuthentication

SmartEverything is like the Swiss Army knife of IoT boards


The SmartEverything dev board is an Arduino form-factor prototyping platform that combines SIGFOX, BLE, NFC, GPS and a suite of sensors.


Announced earlier this year, SmartEverything is an IoT development platform from Arrow Electronics. Living up to its name, the latest iteration of the SoC, dubbed the SmartEverything Foxboasts a familiar Arduino form-factor with an array of factory-bundled I/O ports, sensors and wireless connectivity.

R9015121-01

Impressively, the kit combines SIGFOX, Bluetooth and NFC technologies with GPS and a suite of embedded sensors. An Atmel | SMART D21 at its heart is used to integrate the featured devices, while a SIGFOX module provides IoT enablement.

The SIGFOX standard is energy efficient and wide-transmission-range technology that employs UNB (Ultra Narrow Band) based radio and offers low data-transfer speeds of 10 to 1000 bits per second. However, it is highly energy-efficient and typically consumes only 50μW compared to 5000μW for cellular communication, meaning significantly enhanced battery life for mobile or portable smart devices.

R9015121-03

A Telit LE51-868 S wireless module gives design engineers access to the rapidly expanding SIGFOX cellular wireless network and covers the 863-870MHz unlicensed ISM band. It is preloaded with the SIGFOX network stack and the Telit proprietary Star Network protocol. What’s more, the Telit cloud management software provides easy connection up to the cloud.

Truly like the Swiss Army knife of the IoT, the SmartEverything board is equipped with: an Atmel Crypto Authentication chipset; an 868MHz antenna; a GPS module with embedded antenna for localizations applications, which supports the GPS, QZSS and GLONASS standards, and is Galileo ready; a proximity and ambient light sensor; a capacitive digital sensor for humidity and temperature measurement; a nine-axis 3D accelerometer, a 3D gyroscope and 3D magnetometer combination sensor; a MEMS-based pressure sensor; an NTAG I2C NFC module; and a Bluetooth Low Energy transceiver.

R9015121-04

The SmartEverything measures only 68.8mm x 53.3mm in size, and includes USB connectors, a power jack and an antenna extending that extend the board. The unit can be powered in one of three ways, either through two AA 1.5V batteries (1.4V to 3.2V), a 5 to 45V external supply or a 5V mini-USB connector.

For quick and easy software development, the SmartEverything Fox board is fully supported by the Arduino IDE and Atmel Studio. Can it get any better than that? If you’re looking for an IoT board that does just about everything, you may want to check this SoC out.

Atmel brings Wi-Fi connectivity to the WeChat IoT Platform


Leveraging the Atmel | SMART SAM W25, the WeChat IoT Platform supports the latest Airkiss 2.0 protocol for Wi-Fi provisioning and service discovery and allows developers to seamlessly connect to the cloud.


We love social media here at Atmel, so much so that we’re collaborating with WeChat on their latest IoT platform. The popular messaging and calling app is employing the Atmel | SMART SAM W25 module along with an ATECC508 CryptoAuthentication engine for secure connectivity.

Wecj

The WeChat IoT Platform delivers cloud services for seamless accessibility to the Internet ensuring every ‘thing’ is smartly connected and supports the recently launched Airkiss 2.0 protocol for Wi-Fi provisioning and service discovery. This new platform — which is currently available in China — provides a complete edge node-to-cloud solution from a single vendor for developers looking to build next-generation apps for tomorrow’s connected devices. Consumers can now instantly link to their IoT gadgets and easily access information via the Weixin mobile app, WeChat’s sister product.

For those who may not know, the SAM W25 module is part of the Atmel SmartConnect family and includes the 2.4GHz IEEE 802.11 b/g/n Wi-Fi WINC1500, as well as an Atmel | SMART SAM D21 ARM Cortex-M0+-based MCU and an ATECC508 optimized CryptoAuthentication engine. The unit is ready-to-use and FCC-certified delivering a simple, plug-and-play solution.

SAMW

“The IoT is the next big technology wave for the mobile, home automation, smart city, automotive and industrial markets and requires developers to now consider the complete edge-node-to-cloud communication,” explains Pierre Roux, Atmel Director of Wireless Solutions. “Weixin is one of the leading providers of IoT cloud services and a fully integrated provider with a host of capabilities ranging from simple texting to payment, portal and more. IoT developers and manufacturers using the Atmel SmartConnect SAM W25 evaluation board on the Weixin IoT Platform will have access to one of the largest user communities currently available for cloud services. Our collaboration with Weixin is just the beginning of a long-term collaboration as it is transitioning to IoT.”

Weixin originally began as a messaging app and has since been morphing into an all-in-one platform, which offers users a wide range of services from hailing a taxi, to shopping, to paying utility bills. As of the Q3 2015, the combined monthly active users’ accounts for Weixin and WeChat reached 650 million. Are you ready to connect your SAM W25 to the biggest user community in the world? Get started here!

Develop secure IoT apps with the Atmel Certified-ID platform


The Atmel Certified-ID security platform prevents unauthorized reconfiguration of an edge node to access protected resources on the network.


Atmel has announced a comprehensive security platform that enables businesses of all sizes to assign certified and trusted identities to devices joining the secure Internet of Things. The Atmel Certified-ID security platform prevents unauthorized reconfiguration of an edge node to access protected resources on the network. This new platform is available on the Atmel SmartConnect Wi-Fi, Bluetooth, Bluetooth Smart and ZigBee solutions that connect directly to Atmel Cloud Partners, providing a secure turnkey solution for IoT edge node-to-cloud connection.

Sec

The Atmel Certified-ID platform delivers a distributed key provisioning solution, leveraging internal key generation capabilities of the ATECC508A CryptoAuthentication device, without invoking large scale infrastructure and logistics costs. This platform even allows developers to create certified and trusted identities to any device before joining an IoT network.

With billions of devices anticipated by 2020 in the rapidly growing IoT market, security is a critical element to ensuring devices can safely and conveniently access protected assets through the Internet. Today, secure identities are commonly created through a centralized approach where IoT device keys and certificates are generated offline and managed in secure databases in Hardware Security Modules (HSM) to protect the keys. These keys are then programmed into the IoT devices by connecting the HSM to automation equipment during device manufacturing. This approach is indispensable in large deployments consisting of millions of devices. It can also entail significant upfront costs in infrastructure and logistics which must be amortized over a large number of devices for cost effectiveness.

By utilizing the unique internal key generation capabilities of ATECC508A device, the recently-unveiled platform enables decentralized secure key generation, making way for distributed IoT device provisioning regardless of scale. This method eliminates the upfront costs of the provisioning infrastructure which can pose a significant barrier in deploying devices in smaller scales. On top of that, developers will be able to create secure IoT devices compatible with partner cloud services and to securely join ecosystems.

Atmel is currently working with several cloud service companies, including Proximetry and Exosite, on the Certified-ID platform. These collaborations will give developers a wide range of ecosystem partners to choose from for a secure connection between the edge nodes and the IoT. Other partners will be announced as they are integrated in the Certified-ID platform.

“As a leader in the security space with a track record of over two decades, enabling secure networks of all sizes is our mission,” said Nuri Dagdeviren, Atmel Vice President and General Manager of Secure Products Group. “Streamlining secure processes and simplifying deployment of real world secure networks will be key to unlocking the potential and enabling rapid growth of IoT. We will continue delivering industry-leading solutions in security, a critical element in enabling billions of ‘things’ to be connected to the cloud.”

banner_AT88CKECCROOT-SIGNER

Atmel now offers security provisioning tool kits to enable independent provisioning for pilot programs or production runs when used in conjunction with the ATECC508A ICs. These devices are pre-provisioned with internally generated unique keys, associated certificates, and certification-ready authentication once it is connected to an IoT ecosystem.

Developers will need two kits to securely provision their gadgets: the AT88CKECCROOT tool kit, a ‘master template’ that creates and manages certificate root of trust in any ecosystem, and the AT88CKECCSIGNER tool kit, a production kit that enables partners to provision IoT devices.

The AT88CKECCSIGNER kit lets designers and manufacturers generate tamper-resistant keys and security certifications requiring hardware security in their IoT applications. These keys provide the level of trust demanded by network operators and allows system design houses to provision prototypes in-house—saving designers overall investment costs.

The tool kits also include an easy-to-use graphical user interface that allow everyone to seamlessly provision their IoT devices with secure keys and certificates without special expertise. With distributed provisioning, developers are not required to use expensive HSM for key management and certificate acquisition fees.

In addition to secure IoT provisioning, the new Certified-ID platform provides high-quality random number generation to guarantee a diverse set of public and private keys. It delivers solutions to a variety of IoT security needs including node anti-cloning protection, data confidentiality, secure boot, and secure firmware upgrades over-the-air. The tamper resistance built into the ATECC508A device continues to provide the desired protection even when the device is under physical attack.

Ready for the Internet of Trusted Things? Both the Atmel AT88CKECCROOT and AT88CKECCSIGNER are available today.

Secure your Raspberry Pi and Linux applications with ZymKey


ZymKey makes it easy to secure your IoT applications and manage them in the real world.


More times than not, developers are faced with two bad options: either deliver a substandard product quickly, or reinvent the wheel and miss the market altogether. Luckily, one Santa Barbara-based startup has come up with a solution, not just a band-aid but a true fix to the all too common conundrum. Introducing ZymKey, a tiny, low-cost piece of hardware for authenticating and encrypting data between Internet of Things devices.

68c7c9312f7e58953657dbc953040581_original-1

The key integrates silicon and software into a simple, ready-to-go package that will automatically work with Raspberry Pi and other Linux gadgets. What’s nice is that the ZymKey integrates seamlessly with Zymbit’s existing IoT platform, which includes Zymbit.Connect software, the Zymbit.City community and the Zymbit.Orange secure IoT motherboard that was on display back at Maker Faire Bay Area. Together, Zymbit enables IoT professional developers and Makers innovate faster with the confidence of data security and integrity.

“The Internet of Things will reach its full potential when real people like you and I begin to connect our devices and share data streams,” explained Zymbit CEO Phil Strong. “Then we can work together to solve real problems that impact our everyday lives. Funding our Kickstarter campaign is not just about building the ZymKey, it’s about enabling an entire community of people to collaborate around secure data streams and ideas.”

da4603f5b50612b280156748ff078f11_original

Ideally, Zymbit will make it easy to not only collect but to share data in a trusted manner. The platform embraces open technologies and gives people the freedom to innovate quickly without having to compromise security or performance. Aside from that, the so-called Zymbit.City will serve as a forum for those with common interests to collaborate on ideas powered by such verified and authenticated information.

ZymKey works by attaching to IoT Linux platforms like the Raspberry Pi. When combined with Zymbit’s Linux APIs, it offers true authentication and cryptographic services of remote devices, as well as a real-time clock and accelerometer to timestamp security events and detect physical tampering, respectively. For its Kickstarter launch, ZymKey is available in two versions: a header-mounted crypto key for the RPi and a USB stick that plugs into the port of a Linux board, including BeagleBone, UDOO and Dragon.

df64307484309c0ef944b7a5512b2832_original-1

For the RPi model, the low-profile hardware attaches directly to the Pi’s expansion header while still allowing Pi-Plates to be added on top. Lightweight firmware drivers run on the RPi core interface with software services through Zymbit.Connect. Meanwhile, the USB version adds more functionality and is usable on any Linux unit with a USB host.

“Great security has to be designed end to end. From silicon to software, from point of manufacture through end-of-life. ZymKey brings all this together and makes it easy to manage your applications and devices out in the real world, without compromising security,” the team explains. “ZymKey integrates speciality silicon with firmware drivers on the host device and the corresponding software services in the cloud. The result is a robust and secure communication workflow that meets some of the highest standards in the industry.”

fa039846314b1b3a2d00a2c4bfe43f64_original

Both ZymKeys are embedded with an ATECC508A CryptoAuthentication IC for bolstered security, while the USB version also features an Atmel | SAM D21 Cortex-M0+ core. Once connected to the Zymbit platform, you will have the unprecedented ability to transparently manage all of your remote devices from a single console — upgrade over the air, configure admin rights, and so much more. Additionally, you will be able to publish, subscribe and visualize secure data. Each ZymKey comes pre-packed with dashboard widget that make it simple to customize and share with others.

7724db6745c38192db6deaf4b50489eb_original

So whether you’re connecting one Linux gizmo in your garage to a public forum or have tens of thousands of Raspberry Pis deployed throughout the world, ZymKey seems to be an excellent option for everyone. Interested? Head over to its Kickstarter page, where the Zymbit team is seeking $15,000. Delivery is slated for December 2015.

Enhance Raspberry Pi security with ZymKey


In this blog, Zymbit’s Scott Miller addresses some of the missing parts in the Raspberry Pi security equation. 


Raspberry Pi is an awesome platform that offers people access to a full-fledged portable computing and Linux development environment. The board was originally designed for education, but has since been embedded into countless ‘real world’ applications that require remote access and a higher standard of security. One of, if not, the most notable omissions is the lack of a robust hardware-based security solution.

Zymkey_004-1

At this point, a number of people would stop here and say, “Scott, you can do security on RPi in software just fine with OpenSSL/SSH and libgcrypt. And especially with the Model 2, there are tons of CPU cycles left over.” Performance is not the primary concern when we think about security; the highest priority is to address the issue of “hackability,” particularly through remote access.

What do you mean by “hackability?”

Hackability is a term that refers to the ease by which an attacker can:

  • take over a system;
  • insert misleading or false data in a data stream;
  • decrypt and view confidential data.

Perhaps the easiest way to accomplish any or all of the aforementioned goals is for the attacker to locate material relating to security keys. In other words, if an attacker can gain access to your secret keys, they can do all of the above.

Which security features are lacking from Raspberry Pi?

Aside from not having hardware-based security engines to do the heavy lifting, there’s no way to secure shared keys for symmetric cryptography or private keys for asymmetric cryptography.

Because all of your code and data live on a single SD card, you are exposed. Meaning, someone can simply remove the SD card, pop it into a PC and have possession of the keys and other sensitive material. This is particularly true when the device is remote and outside of your physical control. Even if you somehow try to obfuscate the keys, you are still not completely safe. Someone with enough motivation could reverse engineer or work around your scheme.

The best solution for protecting crypto keys is to ensure the secret key material can only be read by standalone crypto engines that run independently from the core application CPU. This basic feature is lacking in the Raspberry Pi.

Securing Raspberry Pi with silicon and software

With this in mind, Zymbit has decided to extract some of the core security features from the Zymbit.Orange and combine them into a tiny device that embeds onto the Raspberry Pi, providing seamless integration with Zymbit’s remote device management console. Meet the ZymKey!

ZymKey for secure remote device management

ZymKey brings together silicon, firmware drivers and software services into a coherent package that’s compatible with Zymbit’s secure IoT platform. This enables a Raspberry Pi to be accessed and managed remotely, firmware to be upgraded and access rights to be administered.

Zymkey-System-Overview-5-1

Secure software services

Zymbit’s Connect libraries enhance the security and utility of Raspberry Pi in the following ways:

  • Add message authentication to egress messages to the Zymbit cloud by attaching a digital signature, which proves that the data originated to a specific Raspberry Pi/Key combination. (Meaning that it was not forged or substituted along the way).
  • Assist in providing security certificates to the Zymbit cloud.
  • Authenticate security certificates from the Zymbit cloud.
  • Optionally help to encrypt/decrypt the content of messages to/from the Zymbit cloud.

Data that is encrypted/authenticated through ZymKey will be stored in this encrypted/authenticated form, thereby preserving the privacy and integrity of the data.

Zymkey-System-Detail-1

In addition to its standard attributes, developers can access lower level features through secure software services, including general cryptography (SHA-256 MAC and HMAC with secure keys, public key encryption/decryption), password validation, and ‘fingerprint’ services that bind together specific hardware configurations.

Stealth hardware

ZymKey’s low-profile hardware plugs directly into the Pi’s expansion header while still allowing Pi-Plates to be added on top. Lightweight firmware drivers run on the RPi core and interface with software services through zymbit.connect. It should also be noted that a USB device is in the works for other Linux boards.

ZYMKEY-RPi-Annotated-2

At the heart of the ZymKey is the newly released ATECC508A CryptoAuthentication IC. Among some of its notable specs are:

  • ECC asymmetric encryption engine
  • SHA digest engine
  • Random number generator
  • Unique 72-bit ID
  • Tamper prevention
  • Secure memory for storing:
    • Sensitive key material – an important thing to point out is that private keys are unreadable by the outside world and, as stated above, are only readable by the crypto engine.
    • X.509 security certificates.
    • Temporary items: nonces, random numbers, ephemeral keys
  • Optional encryption of transmitted data across the I2C bus for times when sensitive material must be exchanged between the Raspberry Pi and the ATECC508A

Life without ZymKey

Raspberry Pi can be used with the Zymbit Connect service without the ZymKey; however, the addition of ZymKey ensures that communications with Zymbit services are secured to a higher standard. Private keys are unreadable by the outside world and usable only by the ATECC508A, thus making it difficult (if not practically impossible) to compromise.

Each ZymKey has a unique set of keys. So, if, on the off chance that a key is compromised, only that key is affected. Simply stated, if you have several Raspberry Pi/ZymKey pairs deployed and one is compromised, the others will still be secure.

Once again, it is certainly possible to achieve the above goals purely through software (OpenSSL/libgcrypt/libcrypto). However, especially regarding encryption paths, without ZymKey’s secure storage, key material must be stored on the Raspberry Pi’s SD card, exposing private keys for anyone to exploit.

Stay tuned! The ZymKey will be making its debut on Kickstarter in the coming days.

Why the IoT needs multi-layer security


When it comes to the Internet of Things, you’re only as a strong as your weakest link. 


The notion of security being only as strong as its weakest link is especially true for the Internet of Things. When it comes to connected devices, security must be strong at all layers, closing any possible open doors and windows that an attacker can crawl through. Otherwise, if they can’t get in on ther first floor, they will try another.

Security_SS_147872255

Internet security has been built mainly upon Transport Layer Security, or TLS. TLS provides confidentiality, data integrity and authentication of the communication channel between an Internet user and a secure website. Once a secure communications channel is set up using a TLS method, for example, the other half of the true security equation is needed, namely applications layer security.

To understand this notion, think of logging into your bank account on the web. First, you go to the bank’s website, which will set up a secure channel using TLS. You know TLS is successful when you see the lock symbol and https (“S” for secure) in the browser. Then, you will be brought to a log-in page and prompted to enter your credentials, which is how the bank authenticates your identity, ensuring that you’re not some hacker trying to gain access into an unauthorized account. In this scenario, your password is literally a secret key and the bank has a stored copy of the password which it compares to what you entered. (You may recognize that this is literally symmetric authentication with a secret key, though the key length is very small.) Upon logging in, you are, in fact, operating at the application. This application, of course, being electronic banking.

So, as autonomous IoT nodes spread around the world like smart dust, how do those nodes ensure security? This can essentially be achieved using the same two steps:

  • Set up Transport Layer Security to secure the communications channel using TLS or another methodology to get confidentiality, data integrity and confidentiality in the channel. This channel can be either wired or wireless.
  • Set up Applications Layer Security to safeguard the information that will be sent through the communications channel by using cryptographic procedures. Among proven cryptographic procedures to do so are ECDSA for authentication, ECDH key agreement to create session keys, and encryption/decryption engines (such as AES that use the session keys) for encrypting and decrypting messages. These methods make sure that the data source in the node (e.g. a sensor) is authentic, the data is confidential and has not been tampered with in any degree (integrity).

Un

The reason that multi-layer security, particularly application layer security, is required is that attackers can get into systems at the edge nodes despite a secure channel. Long story short, TLS is not enough.

IoT nodes collect data, typically through some kind of sensor or acting on data via an actuator. A microcontroller controls the operation of the node and a chosen technology like Wi-Fi, Bluetooth and Zigbee provides the communications channel. The reason that application layer security needs to be added to the TLS is that, if an attacker can hack into the communications channel via any range of attacks (Heartbleed, BEAST, CRIME, TIME, BREACH, Lucky 13, RC4 biases, etc.), they can then intercept, read, replace and/or corrupt the sensor/actuator or other node information.

Attack

Unfortunately in the real world, TLS gets breached, making it not sufficient. As a result, true security requires both Transport Layer and Applications Layer Security. Think of it as a secure pipeline with secure data flowing inside. The crypto element — which are an excellent way to establish the Applications Layer Security for the IoT — gets in between the sensor and the MCU to ensure that the data from the sensor has all three pillars of security applied to it: confidentiality, integrity, and authentication (also referred to as “CIA”). CIA at both the transport and application layers is what will make an IoT node entirely secure.

Fortunately, Atmel has an industry-leading portfolio of crypto, connectivity and controller devices that are architected to easily come together to form the foundation of a secure Internet of Things. The company’s wireless devices support a wide spectrum of standards including Wi-Fi, Bluetooth, Bluetooth Low Energy and Personal Area Networks (802.15.4), not to mention feature hardware accelerated Transport Layer Security (TLS) and the strongest link security software available (WPA2 Enterprise).

MCU1

Crypto elements, including CryptoAuthentication and Trusted Platform Modules (TPM) with protected hardware-based key storage, make it easy to provide extremely robust security for IoT edge nodes, hubs, and other “things” without having to be a crypto expert. Built-in crypto engines perform ECDSA for asymmetric authentication and ECDH key agreement to provide session keys to MCUs, including ARM and AVR products that run encryption algorithms.

The “three-legged stool” of cryptography


Implementing true IoT requires a three-pronged approach, like a three-legged stool. 


Implementing true security in Internet of Things (IoT) devices requires a three-pronged approach. Like a three-legged stool, each of these legs are required to properly achieve security with at least two of these so-called legs demanding a hardware-based approach.

Stool

These legs consist of:

  • A strong cryptographic cipher for the job
  • High entropy, cryptographically secure, random number generator (Crypto RNG)
  • Persistent secure key storage with active tamper detection

Now, let’s go over these one by one.

A Strong Cryptographic Cipher for the Job

A cipher is a cryptographic algorithm for performing encryption and decryption, which needs to be strong enough for the application at hand. A one-time pad is considered the only unbreakable cipher, so theoretically all other ciphers can be eventually broken. Time and cost are the two usual measures of breaking any cipher.

Time

The cover time of a secret refers to the amount of time that the message needs to be kept secret. A tactical secret, such as a command to fire a particular missile at a particular target has a cover time from the moment the commander sends the message to the moment the missile strikes the target. After that, there isn’t much value in the secret. If an algorithm is known to be breakable within a few hours, even that algorithm provides enough cover time for the missile firing scenario.

On the other hand, if the communication is the long term strategy of the entire war, this has a cover time significantly longer and a much stronger cipher would be required.

Cost

Generally, the time it takes to break any cipher is directly relates to the computation power of the system and the mathematical skills of your adversary. This usually directly coincides with the cost, so the value of your secret will, in a large part, determine how much effort is put into breaking your cryptography.

Therefore, you want to select a cipher which is well known to be strong, has been open to both academia and the public, and survived their scrutiny. Vigorously avoid proprietary algorithms claiming to be strong. The only thing which can speak to a cipher’s strength is for it to be fully open to scrutiny.

These types of proven ciphers are available within Atmel’s line of microcontrollers and microprocessors.

High Entropy, Cryptographically Secure, Random Number Generator

The importance of a Crypto RNG cannot be overstated. Some of the things which rely on the randomness of the random number include:

  • Key stream in one-time pads
  • Primes p, q in the RSA algorithm
  • Private key in digital signature algorithms
  • Initialization vectors for cipher modes

… The list of critically important requirements for high randomness is long.

Any modern cipher, regardless of intrinsic strength, is only as strong as the random number generator used. Lack of adequate entropy in the random number significantly reduces the computational energy needed for attacks. Cryptographically secure random number generators are important in every phase of public key cryptography.

To realize a cryptographically secure random number generator, a high quality deterministic random number generator and a high entropy source, or sources, are employed. The resulting generator needs to produce numbers statistically independent of each other. The output needs to survive the next bit test, which tests the possibility to predict the next bit of any sequence generated, while knowing all prior numbers generated, with a probability of success significantly greater than 0.5. This is no trivial task for randomly generating numbers as long as 2256.

It is incredibly hard to create a Crypto RNG. Even if you had the code right, there is not enough entropy sources in an embedded system to devise a cryptographically secure random number generator. Most embedded systems, especially IoT nodes are, well, pretty boring. At least when considered in the context of entropy. 2256 bits is a larger number than the number of all the stars in the entire universe. How much entropy do you really think exists in your battery powered sensor?

Companies serious about security put a lot of effort into their Crypto RNGs and have their generators validated by the National Institute of Standards and Technology (NIST), the government body overseeing cryptographic standards in the U.S. and jointly with Canada.

Any assurance or statements that a RNG is “compliant” or “meets standards” and is not validated by NIST is unacceptable within the cryptographic community. A Random Number Generator is either on NIST’s RNG Validation List or it isn’t. It’s as simple as that.

Atmel is just such a serious company. The Crypto RNG that Atmel has used in all if its CryptoAuthentication devices is validated by NIST and can be publicly found on the list here.

Persistent Secure Key Storage with Active Tamper Detection

Strong ciphers supported with high entropy random numbers are used to keep adversaries away from our secrets, but their value is zero if an adversary can easily obtain the keys used to authenticate and encrypt.

System security completely relies on the security of the keys. Protection and safeguarding of these keys and primary keying material is critically important to any cryptographic system. Your secret/private keys are, by far, the most rewarding prize to any adversary.

If your keys are compromised, an adversary will have access to every secret message you’ve ever sent, like a flower offering its nectar to a honeybee. To add insult to injury, nobody will inform you the keys have been compromised. You will go on sending “secret” messages, blissfully unaware your adversaries can read them at their leisure… completely unhindered.

A very well respected manager in our crypto business unit puts it this way; Keys need to be protected behind “guns, guards, and dogs.”

Holding cryptographic keys in software or firmware is akin to placing your house key under the front mat, or above the door, or in that one flowerpot nobody will ever think of looking in.

Adversaries will unleash a myriad of attacks on your system in an effort to obtain your keys.   If they can get their hands on your equipment, as is often the case with IoT devices, they will rip them apart. They will employ environmental attacks. They will decapsulate and probe the die of your microcontrollers. There is no limit to what they can and will do.

Atmel’s line of CryptoAuthentication devices offers a long list of active defenses to these attacks as well as providing an external tamper detect capability you can use to secure your devices from physical intrusion and warranty violation.

Summary

As stated in this brief of the three elements which enable truly secure systems, the security of the keys and the quality of the random numbers used will complete or compromise any cipher, no matter the mode used.

Inadequate entropy in a random number generator compromises every aspect of cryptography, because it is relied upon from the generation of keys to supplying initialization vectors for cipher modes. Atmel’s hardware crypto-authentication devices ensure you have a NIST validated cryptographically secure random number generator.

Keys, signatures, and certificates require a persistent secure vault to protect them. The very elements which ensure the authority, security and integrity of your system cannot be left in the attackable open.

Keys held in software or firmware are easily recovered. Typical microcontrollers and microprocessors do not contain the protections needed to keep out adversaries. Even newer processors with secure zones have very limited key storage and no generation functionality. From software protocol attacks to environmental and hardware probing, the ways and means of an adversary to recover keys from your software/firmware are nearly unlimited. This is akin to hanging your house key in a flimsy silk pouch on your front door knob.

Hardware security offers a number of benefits:

  • Secure storage of digital signatures and certificates
  • Secure storage of key hierarchy
  • Stopping adversaries from hacking your code
  • Secure boot and program image checking
  • Stopping unscrupulous contract manufacturers from over building your product
  • Creating new revenue streams by allowing premium services to be purchased post deployment
  • Limiting the life of products, e.g. the number of squirts an ink cartridge has, thereby thwarting refill/reuse
  • Streamlining deployed product tracking and warranty services

With regards to creating a truly secure system, active hardware protection for keys and cryptographically secure random numbers are not an option — they are a necessity.

Atmel’s CryptoAuthentication devices offer a high security, tamper resistant, physical environment within which to store and use keys for digital signatures, key generation/exchange/management, and perform authentication. Atmel is very serious about security. In addition to testing, validations and approvals by certifying entities, we employ third party labs to apply the very latest attacks and intrusion methodologies to our extremely resilient devices. The methodologies and results of these tests are available to our customers under non-disclosure agreement.