Digital Certificates

A digital certificate is an electronic credential used to verify and authenticate the identity of an individual or device. Its primary function is to attest that the data is bound to the originator and that the data has not been altered.

Like any physical identification, a digital certificate can be created, can expire, and can be renewed, revoked or suspended. Digital certificates are typically issued by a recognized organization called a Certificate Authority (CA) that can verify the certificate requestor’s identity. Once a certificate is issued, the identity of the requestor can be trusted by all who trust the CA.

TrustPoint is a Certificate Authority.

Digital certificates are typically made up of three parts.

1. Identification information for the user or device.
2. A public key, associated with a private key that is kept by the user/device.
3. The digital signature.

Digital certificates, combined with public-key cryptography, provide an enhanced level of authentication and privacy for digital communications that simply cannot be achieved through passwords alone.

Because of the limited memory and bandwidth normally found in M2M environments, TrustPoint is leveraging Elliptic Curve Cryptography (ECC), which is best suited for this application.

ECC Expertise

Being a Certificate Authority is about one thing — trust. At TrustPoint, we are committed to establishing trust for our customers by providing a highly scalable, highly robust and secure solution that is purpose-built for the creation, management and distribution of Elliptic Curve Cryptography (ECC) certificates in high volume, for multiple end points.

ECC and the deployment of high-volume ECC certificates are a fundamental part of TrustPoint, our research & development, and the systems we have put in place.

Our ECC solution is purpose-built for the demands of the M2M market, where memory and bandwidth are most constrained.

TrustPoint’s expertise in the field of ECC is second to none. Our founder, Dr. Scott Vanstone, is a world-renowned researcher, author and professor of mathematics at the University of Waterloo. He is the founder of Certicom Corp., which he grew to become the world's leading supplier of ECC-based solutions. He has taken his knowledge and expertise as a researcher and entrepreneur and founded TrustPoint.

Dr. Vanstone’s commitment to exploiting ECC to develop stronger, more efficient security solutions extends to the entire TrustPoint team, which is committed to the advancement and deployment of ECC for the M2M market. Our team has hundreds of man-years of experience researching, designing and deploying robust ECC-based solutions to meet the needs of the market, and its members are recognized as thought leaders in the field of cryptography.

ECC Overview

RSA and DSA cryptographic solutions have enjoyed wide use in applications ranging from anti-cloning to secure firmware updates.

But as security and performance requirements become more demanding within the smaller, more constrained environments found in Machine-to-Machine (M2M) applications, there is a need for smaller and faster signatures that simply are not available through RSA and DSA.

ECC provides the most security per bit of any known public-key scheme. ECC-based signatures therefore have a smaller memory footprint, making them ideal for security authentication in M2M environments. TrustPoint’s ECC-based solution is ideally suited for M2M applications, where memory and bandwidth are most constrained.

M2M Security

TrustPoint is bringing to the market a solution specifically designed to provide users and devices connected to M2M end points the ability to securely verify the authenticity of the sending device.

M2M devices are typically small, low-cost, and able to operate unattended by humans for extended periods of time.

In many cases, it is likely that M2M devices will be deployed in very large quantities (e.g., tens of thousands), and many of them will also be mobile, making it challenging for operators or subscribers to send personnel to manage or service them.

Lastly, the overall risk for M2M is more profound, especially when you consider that M2M can involve vehicle-to-vehicle, utility and healthcare connections. M2M doesn’t just present a more widespread threat to deal with; it also presents one that is greater in terms of both severity and repercussions for networks and their users alike.

For these reasons, it is imperative that M2M devices be deployed with security features such as certificates. Users and points connected to M2M end points can then verify the authenticity of the sending point, with confidence, by verifying its certificate.

Since M2M devices are typically small and low-cost, it is imperative not only to deploy highly secure certificates but to do so using the smallest footprint possible.

Elliptic Curve Cryptography (ECC) based certificates are ideally suited to meet such needs.