Whitewood, which develops crypto-security solutions, and wolfSSL, a leading provider of security and connectivity technologies for the embedded, machine-to-machine (M2M), and Internet of Things (IoT) markets, are pleased to announce a technology and co-marketing partnership. With this partnership, wolfSSL will enable its customers to utilize Whitewood’s netRandom system to supply random numbers at scale to devices and distributed applications that incorporate wolfSSL’s embedded security system toolkits.
As demand accelerates for enhanced security for networked applications, product vendors and system operators are re-examining how they develop and deploy secure crypto capabilities. These applications span a huge range of hardware platforms and software environments, from smart devices in cars to routers, printers, credit-card scanners, and IP and mobile phones. The sheer diversity and scale of these deployments brings the issue of random generation, the very foundation of every crypto-security, to the forefront.
Whitewood’s netRandom product offers access to network-delivered true random numbers, helping to eliminate traditional dependencies on individual devices and host machines to capture entropy from their local environments and generate their own random numbers. By incorporating the netRandom Client into the wolfSSL toolkits, applications and devices have the enhanced ability to request true random numbers and seed values from a shared and high-quality entropy source, the netRandom Server.
“We live in a world where companies can no longer take random number generation for granted. It’s time for a more professional network-based approach to security, and by partnering with Whitewood, we are delivering that new standard,” said Larry Stefonic, Chief Executive Officer of wolfSSL. “Our clients will now have the choice of relying on local random number generators or supplementing them with high security random seeds from a trusted, shared source. This will be particularly valuable for customers that need to gain security certification for their products, as testing labs are quite rightly placing increasing emphasis on validating entropy sourcing and random number generation.”
In almost all cases, random number generation is performed by deterministic software processes within the operating system. These otherwise predictable outputs are randomized by capturing apparently random signals or events from the hardware platform or local environment. However, the degree to which these sources of randomness are truly unpredictable and random varies enormously and is notoriously unreliable to measure. This inevitably results in the quality of randomness varying from device to device, leading to inconsistency and doubt, particularly across large-scale deployments.
“In today’s climate of heightened cybersecurity risks, product developers implementing encryption capabilities or other forms of cryptography need to access adequate supplies of true random numbers to ensure that they satisfy stringent security requirements,” said Richard Moulds, Vice President of Strategy for Whitewood. “We have already seen many local configuration issues transition to network-synchronized capabilities, such as ‘time-of-day’ settings, and we expect entropy and random number generation to evolve in a similar way. netRandom helps to make that possible with a simple approach to boosting random number capabilities across a wide variety of platforms and applications, bringing a new level of consistency and assurance.”
Whitewood’s netRandom solution is the only network-based provider of random numbers supported by wolfSSL. The ability to request random seed data over the network can help overcome situations where individual devices lack the power and capability to capture local entropy and therefore generate truly random numbers and cryptographic keys – both essential items in securing IoT applications.
For more information, visit www.wolfSSL.com.