Keyfactor, Trusted Objects partner on Matter security compliance for smart home devices
Ellen Boehm of Keyfactor
Trusted Objects, a skilled in delivering security solutions including secure provisioning platforms to secure the IoT ecosystems, has announced a new partnership with Keyfactor, a machine and IoT identity platform for modern enterprises. Together, the IoT security leaders will help manufacturers secure smart home devices in compliance with the global Matter Standard, while keeping their hardware design and manufacturing cost-effective and open to any type of MCU.
The embedded software root of trust delivered by Trusted Objects empowers any non-secure MCU with a Matter crypto processing stack and tamper-resistant vault holding the device Matter keys and certificates issued by Keyfactor’s renowned EJBCA PKI software. This occurs during a manufacturing process supported by Trusted Object’s local secure factory provisioning solution. Keyfactor EJBCA is the renowned private PKI platform for corporate IT and IoT in the world. EJBCA matches the PKI requirements of the Matter compliant security with high scalability.
“We are thrilled to partner with Trusted Objects to enable IoT manufacturers looking to build devices with a reliable root of trust solutions,” says Ellen Boehm, SVP of IoT strategy and operations, Keyfactor. “The partnership will ensure IoT devices are built on a highly scalable PKI offering, while providing flexible security solutions for both greenfield and brownfield IoT devices.”
Trusted Objects provides a secure channel with the EJBCA platform and a Matter-compliant factory secure provisioning, up to the device’s microcontroller. Combined with the software root of trust, Trusted Objects ensures a full end-to-end security with a secure storage of private keys and certificates for any kind of MCU.
Jean-Pierre Delesse, co-founder and COO, Trusted Objects, adds, “The security solution developed jointly by Keyfactor and Trusted Objects is a key milestone for a wider adoption of smart home devices in full compliance with the Matter standard. It is also another step forward in simplifying security for all IoT ecosystems.”
Cybersecurity concerns and lack of interoperability are the limiting factors for a wider adoption of IoT devices for home automation. The Matter smart home standard addresses these concerns; Matter is a communication protocol enabling interoperability, simplicity and security between smart home devices and platforms. The Matter specification 1.0 has been released in November 2022 by the Connectivity Standard Alliance (CSA), a Foundation for Connected Things. Security compliance includes the provisioning of secrets and certificates at the device level, which could be challenging for smart home devices manufacturers wishing to reuse an existing design for Matter or start a new project without a hardware secure element in the device.
More precisely, the Matter security compliance requires a manufacturer to operate a robust and reliable PKI infrastructure with a “Product Attestation Authority” (PAA) that acts as a root CA. After this step, the manufacturers must define a product CA, “Product Attestation Intermediate” (PAI), generate and inject securely at factory a unique “Device Attestation Certificate” (DAC) and its associated private key in the device’s microcontroller.
The solution is available now; it is easily extensible, highly scalable and easy to roll out. It will be demonstrated at the Keyfactor booth 4.133 Hall 4, during Embedded World Exhibition & Conference that will take place in Nürnberg, Germany, on March 14-16, 2023.
Comment on this article below or via Twitter @IoTGN