Tag Archives: keys

16 smart crowdfunding campaigns you may want to back this week

1 Reply

Every Friday, we’re taking a look at some of the smartest, most innovative projects that have caught our attention on Kickstarter and Indiegogo over the last seven days. 

Podo

B_MxhnuUwAEwcwq.jpg-large

This wireless, re-stickable camera can turn any surface into a photo booth. Podo is currently seeking $50,000 on Kickstarter.

Switchmate

switchmate-lifestylr-1-970x646-c

This solution simply snaps over a standard switch, pairs with a mobile device and automates your lights in seconds. Switchmate is currently seeking $50,000 on Indiegogo.

The Monolith

409ca73d0701427ddabc42f8c9a259cf_large

The first and only skateboard to be outfitted with motors in the wheels is also embedded with Bluetooth Low Energy. Inboard Action Sports is currently seeking $100,000 on Kickstarter.

LowoTec

Gehäuse_vs_Maus2

This pair of devices allows users to tailor their teleworking needs in both a flexible and secure manner through zero-configuration hardware VPN. LowoTec is currently seeking €120,000 on Indiegogo.

AmbyGear

20150302131559-dsc_0489_-_copy3

The world’s first smartwatch for kids not only teaches life lessons, it keeps them safe. Ambit Networks is currently seeking $50,000 on Indiegogo.

Freiya

0c601daf8f92ef757ff8eb42f1972598_large

This smart can connects to your smartphone to help monitor your flowers and let you know when it’s time to water them. Freiya is currently seeking $48,000 on Kickstarter.

PancakeBot

pancakeBot_3d_drucker_3d_printer_food_lebensmittel

This first-of-its-kind machine lets users design and print out custom pancakes. PancakeBot is currently seeking $50,000 on Kickstarter.

Stryd

stryd_package-1

This device enables runners to accurately measure power levels across any type of terrain using the sports watches and mobile devices they already wear. Stryd is currently seeking $50,000 on Kickstarter.

Keys

20150304002237-hero_9

This keyboard that lets you learn, play and create music using LED lights and gestures. Opho is currently seeking $50,000 on Indiegogo.

Artiphon

photo-1024x768-5

This touch-sensive digital fretboard can be played like a guitar, piano, violin, drum machine and lots of other instruments. Artiphon is currently seeking $75,000 on Kickstarter.

iSensor HD Patio

20150302211124-DSC_1002_-_Copy

This weather-resistant, remote-controlled outdoor camera you monitor the outside of your home from anywhere in the world. Amaryllo is currently seeking $1,000 on Indiegogo.

Plugzee

Plugzee

This tiny device brings Bluetooth functionality and high-resolution audio to any speaker. Plugzee is currently seeking $10,000 on Indiegogo.

Splash Drone

photo-1024x768-6

This waterproof UAV features a live video feed, payload release mechanism, emergency flare system and camera stabilization gimbal. Splash Drone is currently seeking $17,500 on Kickstarter.

Quell

quelllead

This wearable device attaches to your upper calf and stimulates your brain’s natural opiates to relieve chronic pain. Quell is currently seeking $100,000 on Indiegogo.

Baby Check

photo-1024x768-7

This wearable monitor can track a baby’s temperature, body position, sleep and medicine administration using a companion mobile app. DK Tek Innovations is currently seeking $35,000 on Kickstarter.

Yerka

20150304030314-costado_degradado

This integrated system will make your bike “unstealable,” along with soon-to-be added Bluetooth connectivity that’ll give you the ability control its lock from your smartphone. Yerka is currently seeking $50,000 on Indiegogo.

Did you happen to miss last week’s notable campaigns? If so, you can check them out here.

The “Key” to Reality

4 Replies

If we wanted to reduce the definition of authentication to its most Zen-like simplicity, we could say authentication is “keeping things real.” To keep something real you need to have some sort of confirmation of its identity, as confirmation is the key (so to speak).

The equation could be as follows:

Identification + Confirmation = Authentication

Confirming or validating the identity of a document, item, data, etc. is what keeping things real is all about. Some of the “things” that can be authenticated with cryptographic methods are mobile, medical, and consumer accessories; embedded firmware; industrial network nodes; and sensors, among others. Soon IoT and vehicle-to-vehicle communication will join in.

Authentication is far more important than many people realize, especially in our growing hyper-connected world that now links billions of people (and things). In cyber-land, authentication is accomplished by deploying cryptographic keys and algorithms. Keys are fundamental to keeping things real—so that is what we mean by “the key to reality.”

Key real 1

There are two primary types of Authentication: Symmetric and Asymmetric. Atmel offers secure key storage devices for both types. These two important techniques take their names directly from whether the keys on each side (i.e. the host and client sides) are the same or different.

Symmetric Authentication

If the same secret key is used on the client and on the host, then the application is symmetric, just like the name suggests. Both of the symmetric keys must be protected because if either one gets out then the security will be lost. This is perhaps analogous to having two sets of car keys. Meaning, losing either one makes it easy for a thief to drive away with your car. So, the secret keys must stay secret.

Key sym

Symmetric Keys are the Same

The identical keys on the host and client are used in mathematical calculations to test the reality of client devices. A very common mathematical calculation that is used is a hash function based upon a cryptographic algorithm (such as SHA). A hash operation produces a hash value (also called “digest”), which is a number of a specified length that is usually smaller than the numbers used as the inputs. A hash is a one-way operation, which means that the inputs cannot be recreated from the hash value.

With symmetric authentication a typical process is to challenge the client device to be authenticated by sending it a random number. The client then puts the random number challenge and a secret key into the hash algorithm to create a hash value, which is known as the “response.” Each challenge will generate a unique response.

It should be noted that cryptographers call a hash of a random number with a secret key a “Message Authentication Code” or “MAC.” The diagram below illustrates this process. Because the host key is the same on the host and client sides, the exact same calculation can run on the host. Once that happens, the hash values (“MACs”) from each can be compared. If the hash values match, the client is considered to be real. You can see that symmetric authentication is really a simple process, but it is loaded with mathematical elegance. Now let’s look at asymmetric authentication.

Hash Value 1

Hashing a Random Number with a Secret Key

 

Asymmetric Authentication.

Asymmetric keys are presented in public-private pairs. More specifically, the public and private keys are related to each other via a mathematical algorithm. An example would be the Elliptic Curve Cryptography (or “ECC”) algorithm. Only the private key has to be securely stored. Because the keys are different, asymmetric authentication cannot use the same calculate-and-compare process as symmetric.

Asymmetric requires more complicated techniques such as making digital signatures that are verified for authenticity (this is called “Sign-Verify”). An example of asymmetric authentication using ECC algorithms is Elliptic Curve Digital Signature Algorithm (or “ECDSA”).  A major benefit of the Atmel ATECC108A device is that it can be used to easily implement ECDSA sign-verify. (The steps of ECDSA are very interesting, but they will be covered in a separate article). Note that an important trade-off between symmetric and asymmetric authentication is the speed of operation. For example, authentication time for the Atmel ATSHA204A is 12ms (typical) for symmetric versus more than a second for many microcontrollers to execute an asymmetric ECDSA operation.

Getting back to the keys:   The secret keys must stay secret. If keys are the keys to authentication (i.e. reality),  then secure storage of the secret keys is the key to SECURE authentication. And that is the real point here.

So the, how is secure storage implemented? The best way is to use hardware key storage devices that can withstand attacks that try to read the key(s). Atmel CryptoAuthentication products such as the ATSHA204AATECC108A  and ATAES132 implement hardware-based storage, which is much stronger than software based storage because of the defense mechanisms that only hardware can provide against attacks. Secure storage in hardware beats storage in software every time. Adding secure key storage is an inexpensive, easy, and ultra-secure way to protect firmware, software and hardware products from cloning, counterfeiting, hacking, as well as other malicious threats.

For more details on Atmel CryptoAuthentication products, please view the links above  or the introduction page CryptoAuthentication. Future Bits & Pieces articles will take in an in-depth look at how symmetric and asymmetric authentication is accomplished.