Unbound Crypto-of-Things (CoT)

Secure any key,
on any device

The first software-only solution that allows high-trust operations from insecure devices – even when the underlying device is compromised.

Show me how

sign and encrypt
over any device

Unbound CoT eliminates any single point of compromise by ensuring that sensitive keys residing on untrusted and insecure devices never exist in the clear at any point in their lifecycle – not even when generated or while in use.

With Unbound CoT, key material is never whole. Rather, each key exists as two random key shares. All operations are carried out without ever uniting the key shares.

By eliminating any single point of compromise, Unbound CoT provides an extremely high level of security for most sensitive keys such as authentication, signing and encryption keys – ensuring resistance from cloning or tampering even on compromised devices.

How can CoT help?

Secure Any Key, Anywhere
Secure Any Key, Anywhere
Unbound’s CoT protects any local key on any endpoint device by eliminating the single point of compromise using secure multi-party computation. Deployment is fast, integration is seamless, and there’s no dedicated hardware needed.
Gain Visibility
Gain Visibility
Real-time, tamper-proof audit logs allow you to understand exactly where your key shares are and how they’re being used.
Gain Control
Gain Control
No longer depend on underlying hardware or physical infrastructure. Get FIPS 140-2 HSM-level security with software-only.

What Makes CoT Unique?

CoT Deployment


Each Unbound CoT system is comprised of a central server (CoT server) that is installed and managed by the customer. Various endpoint devices that run CoT software (CoT library) connect to the CoT server, creating a series of pairs – where each pair consists of a single endpoint device and the CoT server. Each of the pair nodes holds one share of a key. Together, CoT software on the device and the CoT server form the secure boundary of Unbound CoT.

Applications on the device use the CoT library API for consuming cryptographic service for the keys that are managed within the library, effectively creating a virtual secure enclave on the device. All connections between CoT devices to the CoT server are protected using server authentication (TLS). Key shares are constantly refreshed, so in order to maliciously obtain key material an attacker must compromise both the device and the CoT server simultaneously.

Demo mockup CoT

Try Unbound Demo Version

Schedule a demo

Crypto-of-Things Integrations

Unbound Crypto-of-Things (CoT) Client SDK is available for multiple operating systems: iOS, Android, Linux, and Windows. CoT also integrates with the below applications and OS.


Further Reading

Developer’s Guide


Learn How to Protect
Assets with Unbound
Key Control

Learn More

Cryptographic Key Management Trends in 2020

In this survey, Unbound Tech and the Cyber Security Competency Group (CSCG) examine cryptographic key management practices across multiple sectors – and uncovers the truth about KM practices for enterprise in 202...

A Basic Introduction to Secure Multi-Party Computation (SMPC)

Confused over MPC and what it means for cryptographic key protection in the enterprise? Learn straight from the experts with our new guide. A Basic Introduction to Secure Multiparty Computation (SMPC) is authored by...

FIPS 140-2 Certification Levels: Security and Compliance Considerations

FIPS 140-2 certification provides vital assurance that cryptographic modules meet industry-accepted standards for protecting keys. Digital transformation has intensified the threat landscape across all networks and ...
Your Cryptographic Security Setup

Is Your Cryptographic Security Setup Holding You Back?

Imagine a scenario where data is kept on hard drives or disks you own, phones can only… well… make phone calls (or send simple text messages), and currency is only of the traditional fiat kind. Welcome to 19...
The Cost of Doing Nothing

Securing Identity: The Cost of Doing Nothing

The old adage of “why do robbers target banks? Because that’s where the money is,” has never rung truer as it does today when we consider the increase in security attacks designed to gain access to identity ...
Encryption and Regulation

Encryption & Regulation

How Do I Encrypt Thee? Let Me Count the Ways In our recent blog post on NY-DFS compliance requirements, we discussed the significant role of encryption as a means for financial institutions to implement security ...

How to protect your valuable digital assets In a zero trust environment?

Protecting valuable digital assets in zero trust environment. The mechanism behind the model of trust that eliminates the single point of compromise.

How our pure software solution works

For those of you wanting to see exactly everything you can do in the Unbound NextGen vHSM® Interactive Demo, we’ve prepared this video tutorial that gives you a behind the scenes look.

Digital assets: Security with speed and efficiency

Organizations are protecting clients’ digital assets by enabling easy to operate and automate transactions solution.

Protect any endpoint with Unbound CoT

Let Us Show You How