Aktuelles
Keyfactor and Trusted Objects Partner on Matter Security Compliance for Smart Home Devices
March 2023 by Marc Jacob
Trusted Objects announced a new partnership with Keyfactor, the machine and IoT identity platform for modern enterprises. Together, the IoT security leaders will help manufacturers secure smart home devices in compliance with the global Matter Standard, while keeping their hardware design and manufacturing cost-effective and open to any type of MCU.
The embedded software root of trust delivered by Trusted Objects empowers any non-secure MCU with a Matter crypto processing stack and tamper-resistant vault holding the device Matter keys and certificates issued by Keyfactor’s renowned EJBCA PKI software. This occurs during a manufacturing process supported by Trusted Object’s local secure factory provisioning solution. Keyfactor EJBCA is the most renowned private PKI platform for corporate IT and IoT in the world. EJBCA matches the PKI requirements of the Matter compliant security with high scalability.
Trusted Objects provides a secure channel with the EJBCA platform and a Matter-compliant factory secure provisioning, up to the device’s microcontroller. Combined with the software root of trust, Trusted Objects ensures a full end-to-end security with a secure storage of private keys and certificates for any kind of MCU.
Jean-Pierre Delesse, co-founder and COO, Trusted Objects, adds: "The security solution developed jointly by Keyfactor and Trusted Objects is a key milestone for a wider adoption of smart home devices in full compliance with the Matter standard. It is also another step forward in simplifying security for all IoT ecosystems."
Cybersecurity concerns and lack of interoperability are the limiting factors for a wider adoption of IoT devices for home automation. The Matter smart home standard addresses these concerns; Matter is a communication protocol enabling interoperability, simplicity and security between smart home devices and platforms. The Matter specification 1.0 has been released in November 2022 by the Connectivity Standard Alliance (CSA), the Foundation for Connected Things. Security compliance includes the provisioning of secrets and certificates at the device level, which could be challenging for smart home devices manufacturers wishing to reuse an existing design for Matter or start a new project without a hardware secure element in the device.
More precisely, the Matter security compliance requires a manufacturer to operate a robust and reliable PKI infrastructure with a "Product Attestation Authority" (PAA) that acts as a root CA. After this step, the manufacturers must define a product CA, "Product Attestation Intermediate" (PAI), generate and inject securely at factory a unique "Device Attestation Certificate" (DAC) and its associated private key in the device’s microcontroller.
The solution is available now; it is easily extensible, highly scalable and easy to roll out. It will be demonstrated at the Keyfactor booth 4.133 Hall 4, during Embedded World Exhibition & Conference that will take place in Nürnberg, Germany, on March 14-16, 2023.
