What is Root of Trust?
Root of Trust is the foundation of security on which your computing system and connected mobile devices depend. Cryptographic security requires keys to encrypt and decrypt data, as well as to perform other functions like generating and verifying digital signatures. Because Root of Trust schemes are inherently trusted, they must be secure by design.
Root of Trust schemes generally include hardware hardening technologies like a hardware security module (HSM). HSMs are hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates. HSMs are tested, validated, and certified to the highest security standards including FIPS 140-2 and Common Criteria. Entrust is a leading global provider of HSMs with the nShield General Purpose HSM product family.
Why Does Root of Trust Matter?
Root of Trust is becoming more important as the use of Internet of Things (IoT) devices becomes increasingly common. To thwart hacking attempts, components of computing systems and connected mobile devices need a way to verify that the information they are receiving is authentic. The IoT Root of Trust helps build trust in the entire computing ecosystem by safeguarding the security of data and applications within it.
Root of Trust is also becoming increasingly important as regulation and compliance mandates evolve.
Root of Trust for Connected Mobile Devices
Root of Trust in mobile devices poses several challenges, including a greater risk of physical attacks, multiple semi-independent processors and interfaces, and power and space constraints. Bring Your Own Device (BYOD) policies pose additional challenges in assuring that personally owned devices comply with corporate policies.
Root of Trust and Public Key Infrastructure
Root of Trust is a critical component of public key infrastructure (PKI). It is used to generate and protect root and certificate authority keys; to sign code so that software remains secure, unaltered and authentic; and to create digital certificates and machine identities for credentialing and authenticating proprietary electronic devices for IoT applications and other network deployments.
Root of Trust for Key Management
Root of Trust is a critical part of key management. As multi-cloud deployments become more common, organizations struggle to maintain control over their critical keys. Dispersed keys lack clear ownership or a scalable management policy — both of which are made possible with Entrust KeyControl and Entrust nShield HSMs.
Root of Trust for IoT
Root of Trust is a building block for Internet of Things (IoT) security. Connecting IoT devices to your network creates limitless options for integration but can also create loopholes that can be exploited by hackers and other bad actors.
IoT devices can vary widely in terms of application and processor types, so there isn’t a standard method for implementing Root of Trust with IoT. Generally, Root of Trust is secured with an HSM, but it can also be secured via software.