Atmel’s Hardware-TLS (HW-TLS) platform provides an API that allows TLS packages to use hardware key storage and cryptographic acceleration even in resource constrained edge node designs. HW-TLS is a comprehensive solution pre-loaded with unique keys and certificates designed to eliminate the complexities of generating secure keys in the manufacturing supply chain.
OpenSSL is a general-purpose cryptography library that provides an open-source implementation of the Secure Sockets Layer (SSL) and TLS protocols. wolfSSL is a cryptography library that provides lightweight, portable security solutions with a focus on speed and size. Atmel’s ATECC508A-OpenSSL and ATECC508A-wolfSSL are available for immediate download at their respective software distribution repositories, offering seamless adoption of more secure elements without disruption to the developer workflow.
Secure hardening for both OpenSSL and wolfSSL is made possible with HW-TLS which allows those TLS software packages to interface seamlessly with the Atmel ATECC508A CryptoAuthentication co-processor. The ATECC508A provides protected key storage as well as hardware acceleration of Elliptic Curve Cryptography (ECC) cipher suites including mutual authentication (ECDSA) and Diffie-Hellman key agreement (ECDH). As such, HW-TLS allows developers to substantially harden Transport Layer Security (TLS), enhancing security for IoT-device and cloud-service ecosystems.
When used together, HW-TLS and the ATECC508A allow even extremely small, low-cost IoT nodes to implement strong cryptographic security. All private keys, certificates and other sensitive security data used for authentication are stored in secure hardware and protected against software, hardware and back-door attacks. In addition, the integrated ECC accelerators in the ATECC508A offload cryptographic code and math from the MCU allowing even a low end processor to perform strong authentication.
“Everyone with an interest in IoT security should be excited about Atmel HW-TLS with wolfSSL,” said Larry Stefonic, CEO, wolfSSL. “The combination of our secure software and Atmel’s new chips brings TLS performance and security to a level unrivalled in the industry. Atmel’s HW-TLS platform also makes it easier than ever for developers to incorporate truly hardened security into our TLS stack.”
Accelerated Crypto Processes
Atmel provides the following amplification; With the rise of the IoT, security has become a pressing topic because autonomous remote devices are now routinely connecting to wireless networks to form complex smart-device and cloud-service ecosystems. As a result, autonomous smart IoT devices constitute a significant part of those networks and must be able to authenticate themselves to the network resources to maintain the integrity of the ecosystem. In addition, these remote, resource-constrained clients must be able to perform this authentication using minimal processing, memory and power.
Traditionally, TLS performed authentication and stored private keys in software. The Atmel Hardware-TLS platform closes the vulnerability gap in this arrangement by offloading the crucial key management responsibility to dedicated, tamper-resistant secure elements such as the ATECCC508A CryptoAuthentication device. In addition, the intensive crypto algorithms are processed in the CryptoAuthentication device, offloading the MCU on the remote devices and enabling the IoT edge node to authenticate to the cloud without a user-perceptible delay. Atmel Hardware-TLS comes as a complete platform pre-loaded with unique keys and certificates for eliminating the complexities of adding secure keys to each device in a manufacturing supply chain.
The Atmel Hardware-TLS platform complements Atmel Certified-ID, a seamless and secure keys provisioning platform for creating trusted Internet identities for smart connected devices.
Atmel Hardware-TLS: www.atmel.com/tools/Atmel-HW-TLS.aspx
Atmel Secure Products: www.atmel.com/security
Atmel CryptoAuthentication: www.atmel.com/products/security-ics/cryptoauthentication/default.aspx