Key Pair Generation & Signing
As the Internet of Things continues to expand, companies are recognizing the value and necessity of authentication. Often relying on asymmetric cryptography to deliver this authenticity, the creation of large volumes of key pairs and the ability to associate these key pairs to a known constant can be a logistical challenge. Moreover, generating these key pairs and having them signed by a certificate authority for assignment to a known constant ultimate distribution and is all the more challenging.
KeyBRIDGE has the ability to generate, store, and distribute hundreds of thousands of key pairs per day. Additionally, by leveraging the KeyBRIDGE API for Remote Centralized Key Management (ARCK), users can use this simple JSON Schema Restful API to request generation and facilitate secure signing while relying on KeyBRIDGE for the secure delivery of signed key pairs to target devices.
Users can specify unique attributes for inclusion
• Dynamic data.
• Type of keys and certificates needed.
• Receive and process and forward data.
• Payload encryption certificate.
• Creation of key pairs (RSA 2048, ECC P521).
• Support mass generation of key pairs of specified certificates.
• Creation of certificate request (CSR) and submission of CSR to appropriate Certificate
Authority (CA) using RESTful API.
• Retrieve Certificates from CA using RESTful APIs.
• Digitally sign payloads.
Robust Audit Logging
• Query, Filter, and View: Date/Time of requests/call, key generation, CSR creation,
payload packaging, package signing, and package delivery.
• Query, Filter, and View: Date/Time of status receipt, request submission, request
processing, CA receipts/retrievals, and payload delivery/pickup.
• Query, Filter, and View: Hundreds of unique functions.
• Validate audit entries, with FIPS 140-2 Level 3 encryption.
• Supports availability and scalability requirements via network load balancing,
software modularity, and other methodologies.
• Automated backup with support for numerous endpoint storage locations.
• Authentication of clients via mutual TLS/SSL.
• Receive, process and forward data required to generate CSRs.