At what point to install the key and certificate on the iot device?

E

Eugene2018-10-30 10:59:25

Electronics

Eugene, 2018-10-30 10:59:25

I am writing a firmware for an iot device and the question arose of how it is customary to install keys on devices: hardcode into the firmware, or receive from some server, or, having an android application for the device, transmit via bluetooth? Key and certificate are needed for tls connection with mqtt broker.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Anton Gerasimov, 2018-10-31
@OYTIS

The best option from a security point of view is to generate a key pair and a certificate request (CSR) directly on the device, rather than uploading it from outside or hardcoding. But this requires a good random number generator, and even a specialized chip is better.

P

pfg21, 2018-10-30
@pfg21

depending on what you have in mind and why do you need keys with certificates.
for example, poppy addresses are pushed into network devices ahead of time so that they can be clearly distinguished later.
clairvoyants have long fled to RENTV.