wolfSSL for Secure IoT Device Design

wolfSSL and Keyfactor’s Integrated Solution

Combining wolfSSL’s embedded crypto engine and Keyfactor’s solution for unique device identity tied to
a secure Root of Trust, IoT device designers, and manufacturers can secure their next-gen connected
devices over their lifetime.

Icon Icon

Complete Visibility

Comprehensive “chip to cloud” security identity solution.

Icon Icon

Zero Trust Manufacturing

Eliminate expensive batch-process key injection or management of onsite factory HSMs.

Icon Icon

Supply Chain Flexibility

Move away from the management of pre-programmed and customized reels of components that are required for each SKU.

Icon Icon

Lifecycle Management

Utilize on-device key generation and signing services so your keys never leave your device.

Icon Icon

Secure Code Signing

Implement secure firmware signing with Keyfactor’s PKI to generate the trust chain used in firmware signature verification.

Icon Icon

Release Products Faster

Spend less time creating one-off security processes and get products to market faster.

Perfect for your Embedded Devices

wolfSSL is a fully-featured, progressive, and easy to use SSL/TLS library perfect for resource-constrained systems.

With a footprint size of 20-100kB, the runtime memory usage of 1-36kB, and support for many platforms, it is the perfect solution for securing your embedded project today.

Expansive Support for Chipmakers and Operating Environments

wolfSSL has expansive support for chipsets and operating systems that are being used in your manufacturing supply chain. Below is just a sample list of the most common design environments.

If you don’t see your chipset or OS, we likely still support your use cases.

Example Chipsets:

  • ARM, Intel, Motorola, mbed, NXP/Freescale, MicroChip/Atmel, STMicro, Analog Devices, Texas Instruments, and more.


Example Operating Systems:

  • Win32/64, Linux, macOS, Solaris, Threadx, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, Yocto Project, OpenEmbedded, WinCE, Haiku, OpenWrt, iPhone, Android, Nintendo Wii and Gamecube through DevKitPro support, QNX, MontaVista, Tron variants, NonStop OS, OpenCL, Micrium’s MicroC/OS-II, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, TI-RTOS, HP-UX, uTasker, uT-kernel, embOS, INtime, mbed, RIOT, CMSIS-RTOS, FROSTED, Green Hills INTEGRITY, Keil RTX, TOPPERS, PetaLinux, Apache Mynewt, PikeOS, and more.

Implement Secure Boot with wolfSSL + Keyfactor

Enabling secure boot functionality with the wolfBoot library along with Keyfactor’s end to end signature verification process.

This ensures that code hasn’t been tampered with prior to being executed.

Our secure bootloader capability & digital signature verification prevents unauthorized firmware from running on your mission-critical IoT devices.

IoT device identity at scale

IoT deployments come with the need for data protection and secure authentication at multiple endpoints.

Additionally, IoT systems need to scale efficiently and reliably into the millions of devices.

Our IoT PKI can be designed to issue and manage this volume of certificates based on specific policies and assurance levels needed.

Single Pane of Glass for Managing the IoT Secure Identity Lifecycle

Using PKI to bind an identity to a key is the strongest way to authenticate devices, users, and endpoints in an IoT system.

Keyfactor’s platform offers a single pane of glass into certificate management over the complete lifecycle of the IoT product by utilizing the strength PKI.

Keyfactor covers a variety of use cases from device authentication, data encryption, and secure code signing services. All these features are enabled with a minimal footprint on the actual IoT device and are scalable to over 500,000+ devices.

Find out how the Keyfactor platform can modernize your PKI, prevent
certificate outages, accelerate DevOps security, and more.