As the Internet of Things (IoT) becomes increasingly mainstream, it has opened up organizations to a plethora of new potential security threats, since each IoT device acts as a vulnerable endpoint. Experience shows that software-based defences are largely inadequate, particularly for small microcontrollers. One of the best ways to counter this is to strengthen the authentication model of the connected device by configuring a secure element to store private keys and handle crypto-algorithmic secrets. However, this is often easier said than done, especially for small-to-medium-sized deployments, since supply chain logistics can prove to be quite challenging. This calls for a way to customize the manufacturing process for the mass market in an affordable manner, such that a uniquely provisioned key can be produced for each device.
One answer to this is the use of pre-provisioned secure hardware elements to protect IoT applications. With the right platform, the minimum order quantity (MOQ) can be as low as 10 pre-provisioned devices. The advantage is that hardware-based secure key storage can be delivered with a generic certificate at a lower total cost per device. The process is less complex than getting certification from third-party provisioning, public key infrastructure (PKI) service providers and certificate authorities.
Such an approach allows us to protect even basic IoT applications such as a gateway, an air conditioner or a surveillance camera at the hardware level. The pre-generated, device generic certificates are locked inside a secure element for autonomous cloud authentication onboarding.
The Role of Secure Elements in a Multilayered Security Strategy
Each implementation requires its own multilayered strategy for IoT security, since there is no standard approach that works in all instances. Kerckhoffs’s principle holds that a cryptosystem should remain secure as long as its key remains private, even if everything else about it is public. With this key, both the client and host can ascertain the “trusted identity” of the device prior to any interaction or transaction.
It is also important that industry-standard cryptographic keys are isolated within a secure boundary, so that they are not vulnerable to physical attacks or remote extraction. While this adds to development time and demands a certain level of security expertise, it is critical to ensuring security. There are three steps involved here:
- Each IoT device must be given a secure element that acts as a companion to the device’s microcontroller
- The secure element must be properly configured for the given use cases and provisioned with the credentials and other cryptographic assets that are used for the given authentication
- The device must be provisioned with the secrets corresponding to each of the defined use cases, without those secrets being exposed at any point during manufacturing. This is a process that is often not suited to most small-sized projects.
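An added example, not Microchip's code or part of the original article: a Go model of the arrangement described above, in which the private key never leaves the element and the host authenticates the device by checking the signer's endorsement and then a signature over a fresh challenge. `NewElement`, `SignFunc` and `Authenticate` are hypothetical names, and a bare signer signature over the device public key stands in for the X.509 device certificate.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// SignFunc is all the MCU or host ever gets from an element: signatures, never the key.
type SignFunc func(msg []byte) ([]byte, error)

// NewElement models a secure element: the P-256 key is created inside and stays captured in the closure.
func NewElement() (pub []byte, sign SignFunc, err error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	pub, err = x509.MarshalPKIXPublicKey(&k.PublicKey)
	return pub, func(msg []byte) ([]byte, error) {
		d := sha256.Sum256(msg)
		return ecdsa.SignASN1(rand.Reader, k, d[:])
	}, err
}

func verify(pubDER, msg, sig []byte) bool {
	pub, err := x509.ParsePKIXPublicKey(pubDER)
	ec, ok := pub.(*ecdsa.PublicKey)
	d := sha256.Sum256(msg)
	return err == nil && ok && ecdsa.VerifyASN1(ec, d[:], sig)
}

// Authenticate (host side): cert is a bare signer signature over devPub, standing in for X.509.
func Authenticate(signerPub, devPub, cert []byte, sign SignFunc) bool {
	nonce := make([]byte, 32) // fresh per attempt, so a recorded response cannot be replayed
	if _, err := rand.Read(nonce); err != nil || !verify(signerPub, devPub, cert) {
		return false
	}
	sig, err := sign(nonce)
	return err == nil && verify(devPub, nonce, sig)
}

func main() {
	signerPub, signerSign, _ := NewElement() // constructed signer; errors ignored for brevity
	devPub, devSign, _ := NewElement()       // constructed device key
	cert, _ := signerSign(devPub)            // provisioning: signer vouches for the device key
	fmt.Println("authenticated:", Authenticate(signerPub, devPub, cert, devSign))
}
```

Only the public key, the endorsement and per-challenge signatures cross the element boundary, so copying a device's public identity is not enough to pass `Authenticate`.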
While IoT manufacturers have generally been inclined to take on this task of implementing hardware-based authentication mechanisms only for high-volume orders, there is an increasing call to bring this approach to the mainstream.
Microchip offers multiple options to deploy secure key storage for device authentication, even in smaller volumes, through its new Trust Platform for its CryptoAuthentication™ family. For IoT product companies that prefer the option of pre-provisioned secure elements, a private key and generic certificates are generated for the secure element in a secure Microchip manufacturing facility. This ensures that they remain unexposed throughout the secure provisioning process and are safely locked inside the secure element during shipping. They then undergo automated onboarding to an IP-based cloud or a LoRaWAN™ network.
Another alternative could be for manufacturers to work with their own certificate chain but still take advantage of pre-configured use cases. This can simplify the process and cut down on customization time since it eliminates the need for customized part numbers. Some examples include Transport Layer Security (TLS) certificate-based authentication, LoRaWAN authentication, secure boot, Over-the-Air (OTA) updates, IP protection, user data protection and key rotation. These are mostly pre-configured use cases, although other manufacturers might need more customizable options.
This type of hardware-based security is seeing growing demand from the industry. For it to become mainstream, it needs to support IoT device authentication to any public or private cloud infrastructure. Microchip Technology, for instance, recently teamed up with Amazon Web Services (AWS) to ensure that products created using the Trust Platform can be onboarded into AWS IoT services in a simple and straightforward manner. Thus, IoT devices using Microchip’s ATECC608 secure element can benefit from pre-provisioned, pre-configured or fully customizable hardware-based security.
This is an important development in making hardware-based security simple and cost-effective for IoT devices irrespective of project size. This approach removes the barriers traditionally associated with configuring and provisioning secure elements. With the mainstreaming of the secure supply chain, industry best practices for connected-device authentication can become widely available.