In the home automation scenario, smart gateway can bridge the many smart devices with Internet. In many cases, a server’s public certificate is stored in the embedded system’s ROM during manufacturing.

For example, in the case of the AlertMe gateway, each gateway device is manufactured with a unique ID. In addition, it also holds the public certificate of the AlertMe servers in ROM. On first boot, the gateway device generates a random RSA key pair, connects to the AlertMe servers, verifies the server’s identity (using the ROM public certificate), and gives the server its random public key.

My question is, since in the SSL/TLS connection the server will send its certificate to the gateway, why does the gateway have to store a public certificate in the ROM before its first boot? If, as it says, it is for verification purposes, how does the gateway verify the server’s identity? Does it just compare the gateway’s certificate in the ROM with the server’s certificate sent at the SSL handshake? Can’t the embedded system contact the CA to verify the identity of the server?

Moreover, on first boot, the gateway will generate an RSA key pair, and then the certificate. Where is the safest place in a Linux-based gateway/embedded system to store the key?

2 Answers

For your question why the server certificate is saved in the ROM:

The saved certificate is checked against the certificate sent back by the server. This is a correct assumption on your part. Therefore only one server is trusted at this moment.

You ask why the device does not simply connect to a CA. This would be another way to do it. But even then the CA root certificate must be embedded in the ROM. This is needed because otherwise, how would you connect to the CA? You also need SSL/TLS to connect to the CA, because otherwise the whole PKI would be senseless. So at least one certificate must be embedded in ROM.

As a slight side note: embedded developers are, in general, terrible at security. I did a whole presentation at a security conference on some of the more egregious stuff I’ve seen. If you’re adopting an embedded device that will sit in a privileged position in your network, or that will hold sensitive information, make sure you get it independently tested, and ensure that you place appropriate secondary controls (e.g. a hardware firewall) between it and your internal network. – Polynomial Jun 21 ’13 at 8:26