hero-cot

Unbound Crypto-of-Things (CoT)

Secure any key,
on any device

The first software-only solution that allows high-trust operations from insecure devices – even when the underlying device is compromised.

Show me how

Securely
authenticate,
sign and encrypt
over any device

Unbound CoT eliminates any single point of compromise by ensuring that sensitive keys residing on untrusted and insecure devices never exist in the clear at any point in their lifecycle – not even when generated or while in use.

With Unbound CoT, key material is never whole. Rather, each key exists as two random key shares. All operations are carried out without ever uniting the key shares.

By eliminating any single point of compromise, Unbound CoT provides an extremely high level of security for most sensitive keys such as authentication, signing and encryption keys – ensuring resistance from cloning or tampering even on compromised devices.

How can CoT help?

Secure Any Key, Anywhere
Secure Any Key, Anywhere
Unbound’s CoT protects any local key on any endpoint device by eliminating the single point of compromise using secure multi-party computation. Deployment is fast, integration is seamless, and there’s no dedicated hardware needed.
Gain Visibility
Gain Visibility
Real-time, tamper-proof audit logs allow you to understand exactly where your key shares are and how they’re being used.
Gain Control
Gain Control
No longer depend on underlying hardware or physical infrastructure. Get FIPS 140-2 HSM-level security with software-only.

What Makes CoT Unique?

central-management-and-real-time-tamper-proof-audit-trail
Central Management and Real Time Tamper-Proof Audit Trail
The CoT server includes a real-time tamper-proof audit log of any cryptographic operations performed on the endpoint (e.g. signing an authentication token, signing a transaction, data decryption). The audit log data can be fed into a SIEM, UEBA, or a risk engine, allowing detection of cryptographic key usage anomalies in real-time.
brute-force-proof-authentication
Brute-Force-Proof Authentication
Optional: Use 2FA to authorize any usage of the cryptographic key. Various authentication factors are supported, including PIN code, password, and native device biometrics such as FaceID, TouchID, and so on. Authentication takes place using the MPC algorithm between the endpoint and the CoT server, thereby preventing brute-force attacks.
instant-revocation
Instant Revocation
When a device is suspected as compromised, Unbound CoT allows ultimate control. Ensure instant revocation of any cryptographic key that is secured with CoT. The deletion of the relevant key share on the CoT server immediately renders the key useless -- preventing any potential key misuse.

CoT Deployment

diagram-architecture-non-continuous-secure-boundary

Each Unbound CoT system is comprised of a central server (CoT server) that is installed and managed by the customer. Various endpoint devices that run CoT software (CoT library) connect to the CoT server, creating a series of pairs – where each pair consists of a single endpoint device and the CoT server. Each of the pair nodes holds one share of a key. Together, CoT software on the device and the CoT server form the secure boundary of Unbound CoT.

Applications on the device use the CoT library API for consuming cryptographic service for the keys that are managed within the library, effectively creating a virtual secure enclave on the device. All connections between CoT devices to the CoT server are protected using server authentication (TLS). Key shares are constantly refreshed, so in order to maliciously obtain key material an attacker must compromise both the device and the CoT server simultaneously.

Demo mockup CoT

Try Unbound Demo Version

Schedule a demo

Crypto-of-Things Integrations

Unbound Crypto-of-Things (CoT) Client SDK is available for multiple operating systems: iOS, Android, Linux, and Windows. CoT also integrates with the below applications and OS.

ios
android
linux
microsoft

Further Reading

Crypto-of-Things
Developer’s Guide

Go to Documentation
cot
cot-datasheet

Learn How to Protect
Assets with Unbound
Key Control

Book A Demo

Learn More

Cryptographic Key Management Trends in 2020

In this survey, Unbound Tech and the Cyber Security Competency Group (CSCG) examine cryptographic key management practices across multiple sectors – and uncovers the truth about KM practices for enterprise in 202...
Download

A Basic Introduction to Secure Multi-Party Computation (SMPC)

Confused over MPC and what it means for cryptographic key protection in the enterprise? Learn straight from the experts with our new guide. A Basic Introduction to Secure Multiparty Computation (SMPC) is authored by...
Download

FIPS 140-2 Certification Levels: Security and Compliance Considerations

FIPS 140-2 certification provides vital assurance that cryptographic modules meet industry-accepted standards for protecting keys. Digital transformation has intensified the threat landscape across all networks and ...
Download
Your Cryptographic Security Setup

Is Your Cryptographic Security Setup Holding You Back?

Imagine a scenario where data is kept on hard drives or disks you own, phones can only… well… make phone calls (or send simple text messages), and currency is only of the traditional fiat kind. Welcome to 19...
Read More
The Cost of Doing Nothing

Securing Identity: The Cost of Doing Nothing

The old adage of “why do robbers target banks? Because that’s where the money is,” has never rung truer as it does today when we consider the increase in security attacks designed to gain access to identity ...
Read More
Encryption and Regulation

Encryption & Regulation

How Do I Encrypt Thee? Let Me Count the Ways In our recent blog post on NY-DFS compliance requirements, we discussed the significant role of encryption as a means for financial institutions to implement security ...
Read More
video-math-over-matter-webinar-light-400

How to protect your valuable digital assets In a zero trust environment?

Protecting valuable digital assets in zero trust environment. The mechanism behind the model of trust that eliminates the single point of compromise.
Watch
video-vhsmwebinar-light-400

How our pure software solution works

For those of you wanting to see exactly everything you can do in the Unbound NextGen vHSM® Interactive Demo, we’ve prepared this video tutorial that gives you a behind the scenes look.
Watch
video-casp-webinar-light-400

Digital assets: Security with speed and efficiency

Organizations are protecting clients’ digital assets by enabling easy to operate and automate transactions solution.
Watch

Protect any endpoint with Unbound CoT

Let Us Show You How
TALK TO AN EXPERT
prodcut-cot-cta