Allegro Software announced Thursday that is has earned FIPS 140-2 Level 1 validation for the Allegro Cryptography Engine, ACE utilizing hardware-based quantum entropy generation from EYL. Engineered for the rigors of embedded computing, ACE enables manufacturers to add standards-based cryptography to resource sensitive embedded systems quickly, easily and reliably while decreasing time to market.
Failure to obtain sufficient entropy destroys any security provided by long keys and sound algorithms. EYL’s Quantum Entropy Chip provides the necessary randomness for ACE to meet the stringent requirements for entropy based on quantum principles. ACE is ideal for use in IoT devices deployed in transportation, military, energy, healthcare and other critical infrastructure environments where strong validated cryptography is a requirement.
Entropy is a critical component for cryptography to be effective. Even the best algorithms cannot compensate for insufficient entropy. Such systems are vulnerable to attackers – with potentially disastrous results. This is especially true for resource sensitive IoT devices with strict power and memory budgets that often cannot wait for an entropy source to achieve a desired level of randomness.
EYL has solved this problem by harvesting randomness from the natural decay of an extremely small sample of a radioactive isotope. The source of randomness is based on quantum principles and is always truly random. EYL has worked closely with Allegro Software to integrate the EYL Quantum Entropy Chip (QEC) with Allegro’s ACE cryptography library and earn FIPS 140-2 validation.
The Allegro Cryptography Engine (ACE) is specifically engineered to meet the critical needs of embedded IoT computing environments and is one of the smallest, fastest, and most comprehensive FIPS 140-2 validated modules on the market. ACE enables IoT device developers to perform bulk encryption and decryption, message digests, digital signature creation and validation, and key generation and exchange.
ACE includes a platform-independent implementation of the NSA-defined Suite B suite of cryptographic algorithms, as well as other FIPS-approved algorithms.
Internet of Things (IoT) ecosystems have become increasingly prevalent, fundamentally changing the way we live, work and play. Billions of IoT devices already exist, with hundreds more coming online each second. Many are finding their way into the sixteen Department of Homeland Security (DHS) designated critical infrastructure ecosystems. The rich data streams from these IoT devices are driving the next generation of digital business and operational ecosystems.
The promised value from increased efficiencies, better productivity, and enhanced performance are driven by the use of digital twins, enhanced analytics, and third-party data sources to predict system outcomes. Predicted outcomes are used to operate, monitor, and control critical infrastructure that can affect every citizen (water, electricity, communications, defense systems, and more). As an example, the United Kingdom is driving the development of a “National Digital Twin” with the idea it will be able to make better IoT-fueled decisions.
With billions of IoT endpoints feeding data into billions of digital twins that interact and exchange operational outcomes in critical infrastructure, security is a top concern. Employing sound cryptography with FIPS 140-2 validation helps manage data security risk.
Unlike other solutions, FIPS 140-2 validated products have been through rigorous testing and review to ensure complex cryptography algorithms are properly implemented and perform as expected. Allegro’s latest ACE FIPS 140-2 validation allows manufacturers to manage data security risk when embedding it in their IoT devices that are deployed into federal agencies including the DHS identified critical infrastructure ecosystems.
“IoT devices are generating data at a scale never seen before. Some of the most sophisticated IoT ecosystems go well beyond simple analytics or monitoring and employ advanced AI techniques to understand, simulate and predict business and operational outcomes based on collected data,” says Bob Van Andel, president of Allegro. “Manufacturers that embed and properly utilize Allegro’s FIPS 140-2 validated cryptography are taking a proactive approach to managing data security risk in their IoT ecosystems.”
“FIPS 140-2 validation places very specific requirements on entropy sources used for seeding specific cryptography algorithms. EYL’s Quantum Entropy Chip meets and exceeds these requirements with an extremely small, fast and energy efficient solution,” says Buseok “Bruce” Jung, chief executive officer of EYL. “At EYL, with our Quantum Entropy Chip, we have found a way to harvest the best entropy nature can offer.”
The full Allegro Secure IoT Suite is provided as ANSI-C source code and is available, while the EYL QEC is available in a variety of physical formats and is also available.