Microchip collaborates with Amazon for authentication security model
Believed to be the industry’s first end-to-end security solution for IoT devices that connect to Amazon Web Services IoT (AWS IoT), the pre-configured ECC508 from Microchip creates secure, mutually authenticated IoT connections with AWS.
Currently, third-party manufacturers of devices that connect to AWS IoT service must take specific actions to comply with the advanced security model. First, they must pre-register their security authority to AWS servers to establish a trust model. They must then generate unique cryptographic keys that are mathematically linked to the pre-registered security authority. In volume production, the generation, secure handling and confidentiality of the unique keys can be a challenge in the chain of manufacturing especially where third-parties with different trust and compliance levels are involved.
In this version, the AT88CKECC kit will allow customers to meet the security standard of AWS’ mutual authentication model and connect to the AWS IoT platform during the evaluation and engineering phase. The AWS-ECC508 device assists with meeting security standards during the prototyping and pre-production phase. Finally, devices will be customised for production stages to ensure information security in customer applications.
The two companies collaborated to develop an integrated solution to help IoT devices quickly and easily comply with AWS’ mutual authentication IoT security model and implement these security best practices from evaluation through to production. It is, says the company, one of the fastest ways to connect toteh AWS Cloud, with a high level of security and simplified supply chain.
Customers simply solder the device on the board and connect it over I2C to the host microcontroller which runs an AWS software development kit leveraging the ECC508 device for AWS IoT. Once this is complete, there is no need to load unique keys and certificates required for authentication during the manufacture of the device, as the AWS-ECC508 is pre-configured to be recognised by AWS without any intervention. All the information is contained in a small (3.0 x 2.0mm), easy to deploy, crypto companion device.
A typical IoT device consists of a small (8bit) microcontroller, and is battery powered. It is typically constrained for resources such as central processing unit (CPU) performance to provide low latency responsiveness, memory and code space for security protocols and for how much power they consume in order to preserve battery life. The ECC508 has a low-power processor-agnostic cryptographic acceleration for compatibility with the widest range of resource-constrained IoT devices.
The AWS-ECC508 (ATECC508A-MAHAW-S and ATECC508A-SSHAW-T) is available in UDFN and SOIC packages and is sampling and in volume production now.