Geneva, Switzerland, July 23, 2020: A birth certificate for IoT devices? That’s precisely what IoT company WISeKey International Holding Ltd. is offering.
The global cybersecurity company has said in a press release that it had started to provide a unique identity for IoT devices in the form of an “IoT Birth Certificate”. What’s more, it will also protect their unique identity using its secure VaultIC semiconductor.
A digital identity for any IoT device is analogous to a person’s birth certificate, said WISeKey. The IoT certificate is signed, or “certified” by a trusted authority and contains basic information such as date & time of manufacture (birth), company (parents), and type of product (gender, eye color, etc.). This digital identity, used throughout the IoT device’s lifetime, allows the device to become a “Good Citizen” of the Internet, prove its identity and provide verifiable data.
The IoT Birth Certificate is based on a cryptographic public‑private key pair that is unique to each IoT device. The public key for this key pair is part of the certificate and can be freely distributed, while the private key is used whenever the IoT device needs to verify its identity or to sign data to ensure cryptographic integrity. It is the private key that represents the essence of the identity of the IoT device.
Why Is It Needed?
According to the company, an IoT device can be impersonated by compromising the device’s private key. To protect against impersonation, the device’s digital identity is protected using WISeKey’s VaultIC hardware that is specifically designed to keep the private key safe. Hackers are very creative in their attacks to obtain private keys, so a specifically designed hardware to safely protect this identity, is essential.
Image credit: WISekey