Chat with us, powered by LiveChat

AKM is a certificate free, combined decentralized key management system and secure communication protocol layer based on the concept of zero knowledge, that is often favorably compared with Blockchain.

Or, as we like to say, AKM has Blockchain features without Blockchain complexity!

About AKM

Features of the Key Management System aspect of AKM include, but are not limited to:


Maintenance Free

Once a security relationship has been provisioned, no external maintenance should ever be required (thus, all AKM relationships are self-maintained and decentralized and require no external maintenance once provisioning has been completed).

Secure Boot with Device Authentication

The Zeus Security Architecture uses a unique AKM Protocol Identifier in combination with an onboard, AKM enabled HSM to provide a Secure Boot Feature to AKM enabled devices. Thus, ensuring only the precise associated host hardware is being used.

Anti-spoofing and Network Authorization

Because an AKM protocol identifier can be uniquely associated with a specific device, and because security relationships are constantly being automatically updated, stale or substitute devices cannot be re-inserted into an AKM protected network without being re-provisioned. This also ensures that only authorized devices can ever be inserted into an AKM protected network.

Certificate Free Security Credentials that are Re-Generated and NOT Derived

Olympus Sky’s patented, decentralized, distributed, regeneration methodology ensures that next session security credentials are internally created and cannot be predicted by an outside observer.

Perfect Forward Secrecy

Because Next Session Security Credentials are calculated based upon a randomly selected subset of parameters from the Parameter Data Vector (PDV), there is no mathematically available means to determine which parameters were used in prior sessions for calculating previous session Security Credentials.

Enterprise Grade Entropy

It can be mathematically shown that the entropy associated with the generation of next session credentials, is greater than the age of the universe as measured in seconds.

Scalability at IoT Scale

Because AKM may be configured as a broadcast architecture, and Security Credentials can be configured for any number of ‘n’ nodes, where ‘n’ is any value greater than ‘1’, there is no limitation with respect to the number of nodes or size of an AKM Security Relationship.

Minimal Digital Footprint

Edge Node AKM Software Applets are typically under 20K bytes and can be compressed down to below 10K bytes.


Download Whitepapers

Interested in learning more about our technology? Download the Whitepapers.

Technical Requirements

Embedded Platforms Supported

  • Renesas R-Car M2 (ARM)
  • FastLogic Pantera (ARM)
  • Proprietary Customer Boards (MPC5748G)
  • SD Card based HSM with Infineon Crypto-processor (under development)
  • BeagleBone Black with T.I. ARM335x Sitarra
  • Various PowerPC based boards

PC Platforms Supported

  • X86

Operating Systems Supported

  • Apache Linux
  • Ubuntu
  • FreeRTOS
  • Customized bare metal port

Replay Attack Protection

The AKM protocol has a replay counter located within every frame. Thus, preventing previous frames from being retransmitted.

Encrypted Frame Headers

With the exception of the AKM relationship identifier, the entire frame and frame header are encrypted, including the destination and source address.

Man-in-the-Middle (MITM) Prevention

Because there are no secrets shared, there is no possibility of communication being intercepted and spoofed. Thus, no possibility of a MITM attack. Additionally, all communication is validated with a replay counter and Message Authentication Code (MAC), thus, making the possibility of an MITM attack even more difficult.

Low-Power and Energy Efficient

Because only linear hashing functions and symmetric encryption are used, implementation of AKM requires minimum computational resources.

Zero Latency

Because Bulk Encryption begins with the very first frame of an AKM session, there is no appreciable latency (other than the protocol header) associated with an AKM protected network.

Low Overhead

AKM frame headers are typically, on par or smaller than TLS frame headers, between 24-30 bytes.