The advent of the Internet of Things (IoT) and Industrial Internet of Things (IIoT) technology is leading us towards an increasingly interconnected planet with risks of cyber-attacks and data breaches. With the widespread utilization of Wi-Fi networks, the IoT is growing at a rapid rate and researchers estimate that by 2020 the number of active wireless connected devices will exceed 40 billion.
Embedded devices will probably be the bulk of the low-level sensors and controls of the IoT infrastructure: think of motion sensors, environmental monitoring, and device control. In this context, security is crucial. The market has developed various IC solutions that offer a high degree of protection through authentication and encryption, with the support of the TLS protocol.
Security and IoT
Electronic devices connect us and are present in every aspect of our lives, including our homes, offices, cars, and even our bodies. The positive side is that we can do things that we had never imagined before; the downside is the massive spread of cybercriminals hungry for information and data.
The security of IoT concerns the protection of devices and networks connected to the Internet. IoT involves the growing prevalence of objects and entities, along with the ability to automatically transfer data over a network.
For the success of IoT, it is essential that devices and services are properly protected. Understanding how to protect devices, data, and services should be a “must” for developers who are new to security, even while they focus on other challenges such as battery life, form factor, and user interfaces.
The vertical sectors that need to worry about the security of IoT are the infrastructures – the electricity distribution network, the critical control systems, the financial systems – and everyday devices that have an impact on people’s health and well-being.
Maxim Integrated’s Cryptographic Controllers support public-key cryptography using 256-bit keys allowing mutual authentication between the host system and the remote or consumable node. The MAXQ1061 DeepCover device supports all the most essential requirements for IoT. This includes protection against malware, verified firmware, and secure communications.
Designed to meet the stringent requirements of FALC and Common Criteria EAL4+ certifications, the MAXQ1061 helps developers quickly design security in their products by protecting network endpoints. The EPROM is digitally programmable to store keys, digital certificates, and other data. The chip also generates its keys using a random number generator (as shown in figure 1).
Among the cryptographic algorithms, the IC includes ECC (up to NIST P-521), generation and verification of ECDSA signatures, secure hash SHA-2 (up to SHA-512), AES-128/-256 with support for ECB, CBC, and CCM modes, and MAC digest.
The ATECC508A security coprocessor is another solution, offered by Microchip, to increase data security in IoT. The small device can be preloaded with cryptographic keys for various applications such as industrial control or SCADA networks, medical devices, or home automation.
The ATECC508A offers extremely low power consumption, operates over a wide voltage range, and has a reduced form factor. The device provides secure hardware based on elliptic curve cryptography (ECC), with secure digital signature functionality and mutual authentication. Both are achieved using Elliptic Curve Digital Signature Algorithm (ECDSA) techniques.
Infineon’s family of OPTIGA security solutions is designed for easy integration into embedded systems to protect the confidentiality, integrity, and authenticity of information. These solutions are ideally suited for smaller platforms and programmable solutions, while the OPTIGA TPM (Trusted Platform Module) products are ideal for embedded PCs, mobile applications, and computing (as seen in figure 2).
The NXP SmartMX2 P60 family follows the proven reliability and interoperability of previous SmartMX family members, like the IntegralSecurity architecture and over 100 security features. SmartMX2 offers a new level of RF excellence and an EAL 6+ Common Criteria certificate. These solutions provide the symmetric and asymmetric cryptographic criteria with a DES/AES engine protected by mathematically proven countermeasures. The asymmetric processor serves cryptographic algorithms with adjustable RSA key length up to 4096 bits, and up to 544 bits for elliptic curve cryptography (seen in figure 3).
Digital security is today one of the most publicized topics in electronic design, particularly with IoT where everything relies on connections. The enormous amount of data that these devices can generate is staggering. Security requirements vary from one application to another. Cryptography is probably the first word that comes to an engineer’s mind when considering security.
The success of smart homes, connected cars, and Industry 4.0 depends on user confidence through robust yet easy-to-use solutions. Existing public-key cryptosystems allow verification of the integrity and authenticity of digital data and information.