An Open Source Effort to Encrypt the Internet of Things

An Open Source Effort to Encrypt the Internet of Things

End-to-end encryption is a staple of secure messaging apps like WhatsApp and Signal. It ensures that no one—even the app developer—can access your data as it traverses the web. But what if you could bring some version of that protection to increasingly ubiquitous—and notoriously insecure—Internet of Things devices?


The Swiss cryptography firm Teserakt is trying just that. Earlier this month at the Real World Crypto conference in New York it introduced E4, a sort of cryptographic implant that IoT manufacturers can integrate into their servers. Today most IoT data is encrypted at some point as it moves across the web, but it's challenging to keep that protection consistent for the whole ride. E4 would do most of that work behind the scenes, so that whether companies make home routers, industrial control sensors, or web cams, all the data transmitted between the devices and their manufacturers can be encrypted.


Tech companies already rely on web encryption to keep IoT data secure, so it's not like your big-name fitness tracker is transmitting your health data with no protection. But E4 aims to provide a more comprehensive, open-source approach that's tailored to the realities of IoT. Carmakers managing dozens of models and hundreds of thousands of vehicles, or an energy company that takes readings from a massive fleet of smart meters, could have more assurance that full encryption protections really extend to every digital layer that data will cross.

"What we have now is a whole lot of different devices in different industries sending and receiving data," says Jean-Philippe Aumasson, Teserakt's CEO. "That data might be software updates, telemetry data, user data, personal data. So it should be protected between the device that produces ..

Support the originator by clicking the read the rest link below.