Sir Isaac Newton, the British genius who first proposed the laws of motion in the 1687 release of his three-volume work Principia, acknowledged the work of his predecessors when he wrote: “If I have seen further, it is by standing on the shoulders of giants.”
Here, Newton underscores the value of beginning one’s work from a strong foundation.
At Atonomi we have embarked on a challenging task: Utilizing blockchain to protect and enable the full potential of the Internet of Things (IoT). Fortunately, we are working from the solid foundation forged by our parent company CENTRI, creators of the market-leading advanced data security solution for IoT. CENTRI provides a software-only solution that enables IoT device makers and other providers to quickly get to market with purpose-built IoT data security to protect the IoT products that are connecting our world.
Building upon our CENTRI technology, patent portfolio, and deep expertise, Atonomi is extending protection to the kind of autonomous device-to-device interactions across multi-vendor ecosystems that are becoming an ever greater part of the IoT. Through our years of cybersecurity product development for resource-constrained devices, we have developed core competency that enables us to create the tightly efficient code required for the limited resources found on most IoT devices.
Small Footprint Required
Keeping things small is essential to securing the IoT. Storage is typically on an embedded ROM chip, with ROM storage generally ranging from 96kB to 512kB. Even at the upper end of the range, storage is at a premium because it must hold the operating system (except on the smallest devices), the application, and network protocol – as well as security.
The CENTRI security code embedded into ROM chips has a footprint of just 65kB or less. At Atonomi we’re using the same precision coding to protect IoT devices with an embedded code stack that is measured in kilobytes – not megabytes or gigabytes.
Memory is also at a premium on IoT devices, partly because of size constraints and budget considerations, but also because the more RAM a device is provisioned with, the more energy is required from its battery. RAM, for IoT devices can run from less than 16kB to a typical provisioning of 32kB or 64kB. But even at 256kB, this is a fraction of the RAM that a typical desktop or smartphone would have. And, again, you must be mindful of the other code that typically requires RAM resources – the operating system, applications, and network protocols, along with the security stack.
We believe encryption – embedded into the IoT device – is essential to IoT security. Precision coding, again, is required because of the limited device resources. For example, you can’t run the SSL/TLS security protocol on an embedded microcontroller that has no room for a TCP/IP stack. While BLE provides AES encryption, devices using BLE 4.1 and earlier (or when running BLE 4.2 in legacy mode), suffer from long-term key exposure and other vulnerabilities, as detailed by the National Institute of Standards and Technology.
In addition, as data is moved, it is exposed at a number of points along the way from the device, through gateways, and on to the server. If the data is encrypted upon capture and decrypted only after it reaches an application server, those transition points are protected. If the data is unencrypted and sent over encrypted network segments, it is only protected in transit (unless that network section is hacked), but is left vulnerable at any network protocol transition point.
This is why we encrypt data at the point of collection on the IoT device. In the event of a breached network, a hacker would only find encrypted data. We use strong, industry-standard encryption, combined with proprietary, patented optimizations specifically designed for the world of IoT. In preparation for the future, we use quantum-safe symmetric key encryption, widely accepted standard cipher suites, and key exchange methods used by the leading technology companies and government agencies around the globe.
Fast and Secure Authentication
The CENTRI solution uses hardware-based ID to authenticate all devices without the need to exchange and manage certificates. Our patented process for assigning secure device identifications upon introducing a new device into an IoT environment allows for immediate – and encrypted – single-stage handshake communication. Using our handshake for Armv8-M, for example, is 240 times faster than using TLS.
We believe that IoT can never reach its full potential without robust security – precisely crafted for the billions of resource-constrained devices that operate in the ecosystem. It is our hope that through these product offerings, we can provide peace of mind amid an increasingly uncertain regulatory environment. However, until then, we will continue to stand upon the shoulders of giants in the pursuit of interoperability for both data and commerce. This is why we are creating Atonomi.
Thanks for reading,
The world needs a robust software-based security solution to protect the Internet of Things (IoT) in order to extend protection beyond...
Read the entire blog from Vaughan Emery, Founder and CEO, Atonomi on Medium...
Assess-IoT introduces new CENTRI practice to help businesses design and implement layered security capabilities reaching the most...
Blind spots must be considered with blockchain. When a new technology like blockchain comes around, it’s easy to overlook the impact...
Automation is flowing into our lives so persistently and quietly that we hardly notice. Gone are the folded maps Now it’s click on your...