As the number of IoT devices being integrated into our businesses and lives increase, more decisions are made on the data and insights from these devices. For informed decisions to be made, we need to trust the data, which relies on having trusted devices. This is increasingly difficult, as IoT devices are complicated – containing a lot of code and hardware that will inevitably contain security vulnerabilities.
What is Device Attestation?
Device attestation is the device making some claims about a device’s status that can be useful to OEMs and cloud service providers who want assurance that they can trust the devices. The claims include a device ID, the software version and the hardware version, and is provided in a manner that can be verified externally.
What is an Entity Attestation Token?
An entity attestation token, otherwise referred to as EAT, is a small blob of data that is cryptographically signed. The claims are packaged in either CBOR of JSON format and typically ECDSA signing is used and the claim format is specified by the IEFT.
Entity attestation tokens help to create trust between a device and a cloud application that may be managing the device. The service that receives the EAT is called the ‘relying party’. The relying party can verify the claims with the manufacturer, or a trusted third party (a verifier). This enables the process of enrolling a new device onto a network to be automated and also helps with counterfeit detection and management of updates.
How Can Companies Implement Attestation?
Many chip providers are building in a PSA Root of Trust (PSA-RoT) using open source firmware from Trusted Firmware. This open source reference implementation comes with EAT that is generated by the PSA-RoT. OEMs, when building a device, can use the PSA Functional APIs to request an EAT.
What is required:
- The chip or device will also need a private attestation key for signing the tokens
- The OEM will need a small bit of software on the cloud side to receive the EAT and process it
- The OEM will need either and in-house or third-party cloud side verification service
PSA Certified and Entity Attestation Tokens
Enabling Risk-based Judgements
PSA Certified calls for a small hardware protected region of the chip, called the PSA Root of Trust (PSA-RoT), that acts as a source of confidentiality and integrity. The PSA-RoT includes a small set of useful security functions, which are made accessible to software developers via open source and easy-to-use PSA Functional APIs. One of these key APIs deals with attestation and the creation of an Entity Attestation Token (EAT).
A Mechanism for Communicating Trust
With large amounts of fragmentation in IoT devices and software, service providers struggle to know how to identify the trustworthiness of devices they are connected to. Cloud service providers need to make informed judgements on end devices to ensure the data they are providing can be trusted. This requires a mechanism to identify, characterize and authenticate them.
EAT has the capabilities to provide this source of trust, using a cryptographically signed piece of data containing claims that are generated in the device Root of Trust (RoT). There are many ways it can be useful, but most importantly it can be read by a Relying Party (for example, the server or service). The Relying Party can verify the claims made by the device such as:
- The unique identity of the device
- Installed software on the device and its integrity status
- Security assurance and certification status (such as a PSA Certified level)
- Manufacturer of the device hardware
Using this information, the Relying Party can make informed decisions such as whether the device is legitimate and should be onboarded, or what services should be enabled based on its security credentials.
Easing the Implementation of EAT
Our new Entity Attestation Token white paper was co-created with the author of the EAT source code and provides you a unique insight into the technology. Download the whitepaper to learn more including:
- The anatomy of an Entity Attestation Token
- The four-step process of device attestation
- Use cases
- How the PSA Certified ecosystem is supporting its adoption.
PSA Certified aims to reduce IoT fragmentation and ease security concerns across the ecosystem, which is why we’re passionate about providing open source examples for EAT, which you can find in the Trusted Firmware-M project. If you’re looking for products that support EAT, you can find them here.