Data Protection

The average damage cost of a ransomware breach in the United States was valued at $4.62 millions in 2021 by IBM Research. SEALSQ provides solutions to protect Data at rest, in-use or in motion. 

Introduction

Protecting Data at Rest & In Motion

Whether it’s to comply with data protection legislation and standards such as GDPR, HIPAA, or PCI DSS or to ensure they preserve their competitive advantage, companies must protect their sensitive information from both malicious outsiders and careless insiders.
The technologies that are used to protect data in each of its states include identity authentication, access control, data encryption, data integrity and non-repudiation. SEALSQ develops vertical solutions that implement these mechanisms by combining secure semiconductors and trust services.

Picto SEAL SQ - Certified Microcontrollers

Protect

Tamper resistant microcontrollers prevent access to the data, firmware and keys stored at-rest in hardware of computers, IoT nodes and endpoints like sensors or devices.

Picto SEAL SQ - Encrypt

Encrypt

SEALSQ products use NIST recommended algorithms to securely encrypt the data at rest or in motion.

Picto SEAL SQ -  Share

Share

SEALSQ secure elements enable the TLS protocol to secure data in transit, while asymmetric cryptography provides stronger protection with unique keys

Picto SEAL SQ - Open interfaces support-1

Manage

SEALSQ Secure device identity provisioning (VaultITrust) and lifecycle management (INeS) prevents impersonation attempts and allows roles, devices and users management along the lifecycle from a zero-trust factory to EOL.

SEAL SQ SECURITY

The challenge: Encrypting the data & protecting keys

Among the common attacks are stealing the data and holding it for ransom, publicly exposing the data, covertly using the data to attack the owner, corrupting the data, or crippling the products and/or services of the owner(especially in the case of IoT networks). Data encryption and safe encryption-key storage is the last-standing and most critical digital security layer.

The Solution

Data can be efficiently encrypted/decrypted using SEALSQ secure platforms like MS600X series or the VaultIC secure elements family. They can safely store keys and encrypt data using NIST validated hardware algorithms like AES, ECC or RSA. They have built-in physical protection mechanisms designed to defend against external tamper, bypass physical attacks and more.

SEAL SQ Data can be efficiently encrypted_decrypted using SEAL SQ

Key Features

SEALSQ Data Encryption

Encryption is required to secure data at all stages. While VaultIC secure elements are ideal chips to be embedded in an IoT device to provide the required secure algorithms and keys to encrypt data on the field before storing or sharing it, it is also possible to use the MS600X secure platform family to create secure encrypted cold storage devices..

Picto SEAL SQ - Algorithm

Wide range of NIST Certified encryption Algorithms

Symmetric algorithms like AES(256), and also asymmetric like RSA

Picto SEAL SQ - Certifié et conforme

Certified and compliant

Encryption keys are protected inside tamper resistant chips complying with latest hardware and firmware protection standards (CC EAL5+ and FIPS 140-3).

Picto SEAL SQ - CA management

Encryption via TLS 

The VaultIC Series supports TLS which includes encryption of the data before sharing it with other devices, cloud servers etc.

SEAL SQ Research & Innovation  AI, Deep Learning and other attacks Side-Channel & Deep Learning (1)

The challenge: Ensure Data exchange only occurs among legitimate user/devices/applications

Data is more exposed to threats when being transmitted or processed: it can be stolen, altered or substituted via spoofing and man-in-the-middle techniques. Ubiquitous IoT devices, sensors and actuators communicating among themselves and with a cloud or private network are often the target, but also data being exchanged between different internal parts of a device or closed system (PC, factories, cars).

The Solution: SEALSQ device identity framework

SEALSQ provides trusted Digital-IDs and SaaS services to provision them securely into devices to enable mutual authentication and secure protocols like TLS. SEALSQ also provides Certificate Lifetime Management software (INeS) so trusted device identities can be centrally and securely managed through time.

SEAL SQ The Solution_ managed PKI INES

Key Features & Benefits

SEALSQ Trusted Device Identity framework

Picto SEAL SQ - Root-of-Trust

Swiss based Root-of-Trust

Publicly trusted Certificate Authority Recognized by Browsers, Smart Phones, etc.

Picto SEAL SQ - Zero-Trust (1)

Provisioning & personalization SaaS Services (VaultITrust)

Certificate and key pair generation and injection services under CC EAL5+ secure environment, or over the air for Zero Trust environments.

Picto SEAL SQ - Plateforme Saas PKI managée (INeS)

Managed PKI Saas Platform (INeS)

Fully fledged managed PKI SaaS Platform including IoT Nodes certificates (X509), lifecycle management tools and APIs with AWS and AZURE.

White Paper SEAL SQ IoT - Drone Security (1)

Drone images signature and encryption using VaultIC40X

When French military forces use Parrot Drones for field inspection, it is key to protect the images and videos captured and transmitted by the drone. The below white paper explains how the Parrot ANAFI AI professional Drone can sign and encrypt each picture leveraging the VaultIC40X capabilities.

seal-visual

Fill the form to download the white paper