FIDO2 – the symbiotic way
We would like to introduce you to our innovative concept of Zero Knowledge Initial Enrolment - the future for secure IoT.
This provably secure approach enables the consistent installation and seamless integration of IoT devices into cloud infrastructures. Manufacturers are now able to supply their devices to the customer without any firmware or prefabricated secrets – a simple bootloader is all we need.
To accomplish this, we use the power of Zero Knowledge cryptography to authenticate devices before they can even begin using certificates and TLS.
The resulting session encryption enables a secure connection between the device and the cloud as well as Over the Air (OTA) firmware rollouts and updates.
Devices can now go into production mode in seconds without risking hardware backdoors, Man-in-the-Middle tampering with the supply chain and similar threats.
Above all, the existing cloud IoT infrastructure does not require any change except for a handful of connecting web applications and services to implement process automation.
Sounds too good to be true? You do not have to take our word for it – just watch how it works and why.
Additionally, you can learn more about the FIDO solution and its applications on the website of our partner TrustKey.
Connect your legacy IoT devices to the cloud – seamlessly and securely!
Take a minute or two to get to know our most recent trending product – the pbTLS Bare Metal Bridge.
It delivers an unparalleled ease-of-use experience for the common problem of connecting legacy IoT devices with the cloud, while also elegantly and transparently taking care of the necessary network security requirements.
Legacy IoT devices that have no on-board encryption in the first place can now benefit from TLS-encrypted connections with any cloud infrastructure.
The bridge can be positioned upstream or downstream of the device alike (data egress or ingress modes of operation) and transparently envelops the data stream in a TLS session.
Incidentally, the bridge is not a gateway, but rather a pure hardware network-to-network connector based on ultra-low-power microcontroller technology, to save precious resources while also raising the bar high enough to provide military-grade data security.
Since we can get away without a fully-fledged operating system to run our little bridge, power-up times are extremely short, which improves its overall resilience by also getting rid of regular security patches and annoying software updates.
Just see for yourself how easily transparent security can be enabled for your devices today.
From SSL over TLS to pbTLS: maximum security requiring minimum space
Nowadays everyone is familiar with the small lock icon in the browser that indicates higher security through ‘https’. Users take this visual aid and its symbolic meaning for granted, entrusting their providers with the task of protecting their confidential data. Over the years, the original SSL encryption evolved into TLS, which has become one of the most frequently used security standards ever.
However, while TLS is quite common on user-orientated platforms, such as personal computers with fully fledged operating systems and plenty of resources, much smaller devices with limited memory and computational power like IoT are still teetering on the brink of a major crisis for want of consistent security.
Therefore, we have developed pbTLS, which now bridges the divide between ‘big numbers’ and the limited resources of embedded microcontrollers or, in layman’s terms, ‘small chips’. With pbTLS in place, IoT and similar systems can now fulfil all essential security goals: consistent end-to-end encryption with strong certificate-based authentication and verifiable integrity. pbTLS is based on reliable, well-tested and efficient cryptographic building blocks, which ensure the highest level of security while seriously competing with a PC in terms of speed.
Example: Secure Artificially Intelligent Lighting (SAIL)
Conventional LED lighting systems are now gradually being extended in order to support automation and remote control based on specific environmental conditions. Present concepts can reach incredible levels of sophistication by integrating thermal sensors or cameras into lighting compartments to measure the presence of customers or viewers in their vicinity. This input is then used to decide whether to power the LED up or down to increase the illumination of the target area or object or to bring it back to a power-saving minimum.
If such systems are to become remote-controlled in the sense of IoT, then it is imperative that they provide secure communication end points. The usual approach is to use gateways to connect these devices to a certain network such as the local Wi-Fi. Whatever level of security that local network provides is, however, not sufficient to make the device directly accessible from the Internet. That is why PointBlank has now shifted its focus to the end-point devices themselves: by integrating TLS in the device, there is no need for additional hardware (e.g. gateways) or software for that matter.