The following video explains the basis of TOSIBOX® technology – matching of TOSIBOX® devices and the connection establishment.


How does TOSIBOX® technology work?


The detailed steps illustrated in the video are:

I. Physical matching

  • In physical matching, the Key is inserted to the Lock’s USB port
  • During this process, the devices exchange their security certificates (and public keys)
  • This trust relationship is the basis for all communication happening afterwards

II. Connection establishment

  1. Key and Lock register themselves to the distributed MatchMaker service.
    The connection between the MatchMaker and TOSIBOX® devices is encrypted using TLS and mutually authenticated using certificates and PKI.
  2. Key requests a connection to the Lock.
  3. The VPN tunnel is mutually authenticated using certificates and PKI.
  4. The VPN tunnel is established directly between the TOSIBOX® devices.
    The connection is end-to-end authenticated and encrypted. Encryption and decryption takes place at the connection end points.

Distributed MatchMaker

The key features and properties of the distributed MatchMaker service are:

  • Needed for device discovery
  • Helps with setting up the VPN tunnel
  • Not required after the VPN connection is established
  • Distributed across multiple data centers in different countries
  • Fault-tolerant, backed up
  • Monitored 24/7 by Tosibox Oy