Security in Detail, Digital Certificates

19: Security in Detail

Public Key Infrastructure

Public key infrastructure (PKI) is based on an encryption technique that uses two keys: a public key and private key. Public keys can be used to encrypt messages which can only be decrypted using the private key. This technique is referred to as asymmetric encryption, as opposed to symmetric encryption, in which a single secret key is used by both parties.

TLS (SSL)

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), use asymmetric encryption for authentication. In some scenarios, only a server needs to be authenticated, in others both client and server authenticate each other. Once authentication is established, clients and servers use asymmetric encryption to exchange a secret key. Communication then proceeds with symmetric encryption, using this key.

SSH and some wireless authentication methods on the xSenso make use of SSL. The xSenso supports SSLv2, SSlv3, and TLS1.0.

TLS/SSL application hosts use separate digital certificates as a basis for authentication in both directions: to prove their own identity to the other party, and to verify the identity of the other party. In proving its own authenticity, the xSenso will use its own "personal" certificate. In verifying the authenticity of the other party, the xSenso will use a "trusted authority" certificate.

In short:

When using EAP-TLS, the xSenso needs a personal certificate with matching private key to identify itself and sign its messages.

When using EAP-TLS, EAP-TTLS or PEAP, the xSenso needs the authority certificate(s) that can authenticate those it wishes to communicate with.

Digital Certificates

The goal of a certificate is to authenticate its sender. It is analogous to a paper document that contains personal identification information and is signed by an authority, for example a notary or government agency. With digital certificates, a cryptographic key is used to create a unique digital signature.

Trusted Authorities

A private key is used by a trusted certificate authority (CA) to create a unique digital signature. Along with this private key is a certificate of authority, containing a matching public key that can be used to verify the authority's signature but not re-create it.

A chain of signed certificates, anchored by a root CA, can be used to establish a sender's authenticity. Each link in the chain is certified by a signed certificate from the previous link, with the exception of the root CA. This way, trust is transferred along the chain, from the root CA

xSenso User Guide

109 XSENSO 2100, XSENSO 21A2, XSENSO 21R2 specifications

Lantronix, a leader in secure communications and IoT solutions, offers a range of innovative products that cater to various industrial and commercial needs. Among their impressive lineup are the XSENSO 21R2, XSENSO 21A2, and XSENSO 2100 devices, each designed for remote monitoring and control applications that require reliability and versatility.

The XSENSO 21R2 is a powerful device focused on advanced sensor management. It features multiple analog and digital inputs, enabling users to monitor a wide variety of environmental parameters such as temperature, humidity, and pressure. This model excels in applications requiring real-time data collection and analysis. Its robust construction ensures high performance in challenging environments, making it ideal for industrial settings. The XSENSO 21R2 also incorporates cloud connectivity options, allowing for seamless data transfer and integration with existing IoT infrastructures.

Similarly, the XSENSO 21A2 is designed for users who prioritize ease of use along with functionality. This device is equipped with a user-friendly interface that simplifies configuration and monitoring. It supports various communication protocols, ensuring compatibility with different systems and applications. The XSENSO 21A2 boasts a compact design, suitable for space-constrained installations, and provides options for local and remote access to data, enhancing user flexibility.

The XSENSO 2100 stands out with its high-performance processing capabilities, making it suitable for complex monitoring tasks. Its enhanced computing power allows it to run sophisticated analytics directly on the device, thereby reducing latency and bandwidth consumption. The XSENSO 2100 is especially useful in scenarios that require extensive data processing at the edge, such as predictive maintenance and machine learning applications. It is equipped with advanced security features, ensuring that sensitive data remains protected during transmission and storage.

All three models embody Lantronix's commitment to innovation, incorporating the latest technologies such as wireless connectivity options, cloud integration, and support for various industry standards. Their scalability makes them suitable for projects of all sizes, from small businesses to large enterprises. These devices not only enhance operational efficiency but also empower businesses to make data-driven decisions, ultimately leading to improved performance and cost savings. With Lantronix’s XSENSO devices, organizations can take a significant step towards realizing their IoT aspirations.

Lantronix XSENSO 2100 manual Security in Detail, Public Key Infrastructure, Digital Certificates

Models: XSENSO 2100 XSENSO 21A2 XSENSO 21R2