Wisekey issues birth certificates for IoT devices
July 29, 2020
Swiss cyber-security company Wisekey is providing a unique identity for IoT devices in the form of an IoT birth certificate and is protecting this identity using its secure VaultIC semiconductor.
A digital identity for any IoT device is analogous to a person’s birth certificate. The IoT certificate is signed, or certified by a trusted authority and contains basic information such as date and time of manufacture (birth), company (parents), and type of product (gender, eye colour and so on). This digital identity, used throughout the IoT device’s lifetime, allows the device to become a good citizen of the internet, prove its identity and provide verifiable data.
The IoT birth certificate is based on a cryptographic public-private key pair that is unique to each IoT device. The public key for this key pair is part of the certificate and can be freely distributed, while the private key is used whenever the IoT device needs to verify its identity or to sign data to ensure cryptographic integrity. It is the private key that represents the essence of the identity of the IoT device.
An IoT device can be impersonated by compromising the device’s private key. To protect against impersonation, the device’s digital identity is protected using Wisekey’s VaultIC hardware that is designed to keep the private key safe. Hackers are very creative in their attacks to obtain private keys, so a specifically designed hardware to protect this identity safely is essential.
In real world applications such as blockchain, AI and object-to-object communication, it can be particularly important to keep the private key safe using the VaultIC. A good example of object-to-object communication is electric vehicle charging stations.
“The car’s birth certificate is unique, and cannot be duplicated nor counterfeited,” said Carlos Moreira, Wisekey CEO. “At the same time, the connection between the car and the plug requires the same level of authentication, to keep connections and related transactions safe. Otherwise if a car connects to an unauthorised plug, the plug can transfer malware to the operating system of the car and allow hackers to later manipulate the car. Wisekey’s birth certificate provides the security needed to protect devices and users.”
Wisekey is a cyber-security company deploying large-scale digital identity ecosystems for people and objects using blockchain, AI and IoT. Its microprocessors secure the computing shaping the IoT. Wisekey IoT has an install base of over 1.5 billion microchips in virtually all IoT sectors, including connected cars, smart cities, drones, agricultural sensors, anti-counterfeiting, smart lighting, servers, computers, mobile phones and crypto tokens.
The company’s semiconductors produce a large amount of big data that, when analysed with artificial intelligence, can help industrial applications predict the failure of their equipment before it happens.