Allegro Software improves FIPS 140-2 support for IoT applications that require validated cryptography


Allegro Software, a supplier of Internet component software for the Internet of Things (IoT), announced this week that it has earned FIPS 140-2 level 1 validation on four additional platforms with the Allegro Cryptography Engine (ACE) from the U.S. government’s National Institute of Standards and Technology (NIST).

This marks the culmination of Allegro’s largest validation effort to date with the U.S. government. Specifically engineered for the rigors of resource constrained IoT computing environments, ACE enables manufacturers to leverage standards-based cryptography in IoT environments with ease.

ACE is ideal for use in embedded systems and IoT applications in the military, energy, medical and communications industries.

IoT applications are engineered from the ground up for resource sensitive execution environments. Typically, the primary driving factor in these applications aims to deliver the highest value IoT product at the lowest cost. Unfortunately, implementing cryptographic security protocols in any environment is resource intensive in CPU, RAM and ROM which IoT devices often find difficult to support.

To help address these needs, silicon manufacturers augment their chipsets with specifically engineered cryptographic engines to off-load resource intensive cryptographic calculations. Two of Allegro’s most recent FIPS 140-2 validated ACE modules have the flexibility to utilize on-board cryptographic acceleration when available. This increases throughput while reducing the demand for CPU, RAM and ROM.

These validations have been configured to support the on-board cryptographic acceleration from Intel (AES-NI) in addition to hardware based entropy to meet the latest NIST Implementation Guidance for FIPS modules.

“The need is critical for advanced security in IoT devices,” says Bob Van Andel, President of Allegro. “With the culmination of Allegro’s latest validations, IoT developers have access to the most essential component of seven key elements needed for proactive IoT security – highly portable, reliable, FIPS 140-2 validated cryptography.”

Since the passage of the Federal Information Security Management Act (FISMA), Federal agencies and contractors have a mandate to maintain greater control over data and information systems as a whole. U.S. Federal agencies that use cryptographic-based systems to protect sensitive information in military, medical, telecommunications, IoT applications and other IT-related products must use FIPS 140-2 validated modules to meet these security requirements. FIPS 140-2 validation is also required by national agencies in Canada and is recognized in Europe and Australia.

ACE is one of the smallest, fastest, and most comprehensive FIPS 140-2 validated software modules on the market for IoT applications. Specifically engineered for the critical cryptographic computing needs of IoT applications, ACE is easily used, highly portable, and uniquely configurable to operate in the toughest resource sensitive environments. With a rich software API, IoT developers can easily perform bulk encryption and decryption, message digests, digital signature creation and validation, along with key generation and exchange.

ACE also includes a platform independent implementation of NSA defined Suite B cryptographic algorithms as well as other FIPS approved algorithms. The FIPS approved algorithms are listed on the NIST CAVP sites along with the final validation designation on the NIST CVMP site.

To further aid developers implementing IoT security, ACE is pre-integrated with the full suite of Allegro AE IoT connectivity and security toolkits including RomSTL (TLS 1.2), RomCert (SCEP and OCSP), RomSShell AE (SSH), RomPager AE (web server) and RomWebClient AE (web client).

ACE is delivered as an ANSI-C source code toolkit and is available now.

Leave a Reply

IoT Innovator

IoT Innovator