Amazon and Microsoft both have IoT services that manage message and state brokering. These sort of services generally require machines to have unique security certificates embedded into the firmware so that they can securely authenticate with the service.
How do these sort of security certificates find their way into the firmware of mass manufactured products? Is it the manufacturers job to burn the firmware onto the microcontroller with a unique security certificate installed per machine? Or does a company hire their own workers to accept shipment on microcontrollers, load the firmware, and send them off to the manufacturers pre-loaded?
Curious how this is actually done in practice.
Best Answer
In many cases, the private key in such devices is generated by the firmware, based on some random inputs (like thermal noise). In this case, the key never exists outside the device and there's no easy way to extract it. The advantage of this method is that mass-production can be done by an external company that you don't fully trust.
Off-device key generation is also possible and used. In that case, you have to fully trust the factory which burns the firmware into the chips.
WolfSSL library documentation gives the following advice to developers using it: