diff --git a/esp32_device/.vscode/settings.json b/esp32_device/.vscode/settings.json
index 4691b44..e28b840 100644
--- a/esp32_device/.vscode/settings.json
+++ b/esp32_device/.vscode/settings.json
@@ -12,6 +12,14 @@
     "stdio.h": "c",
     "storage.h": "c",
     "cstdlib": "c",
-    "cstring": "c"
+    "cstring": "c",
+    "crypto.h": "c",
+    "entropy.h": "c",
+    "ctr_drbg.h": "c",
+    "sha256.h": "c",
+    "ecdsa.h": "c",
+    "platform.h": "c",
+    "build_info.h": "c",
+    "config_adjust_ssl.h": "c"
   }
 }
diff --git a/esp32_device/main/CMakeLists.txt b/esp32_device/main/CMakeLists.txt
index 6936930..b5e5680 100755
--- a/esp32_device/main/CMakeLists.txt
+++ b/esp32_device/main/CMakeLists.txt
@@ -1,3 +1,3 @@
-idf_component_register(SRCS "random.c" "storage.c" "main.c"
+idf_component_register(SRCS "system.c" "crypto.c" "random.c" "storage.c" "main.c"
                         "dev_name.c"
                     INCLUDE_DIRS ".")
diff --git a/esp32_device/main/crypto.c b/esp32_device/main/crypto.c
new file mode 100644
index 0000000..d48997d
--- /dev/null
+++ b/esp32_device/main/crypto.c
@@ -0,0 +1,51 @@
+#include "crypto.h"
+#include "system.h"
+
+#include <mbedtls/build_info.h>
+#include <mbedtls/platform.h>
+#include <mbedtls/entropy.h>
+#include <mbedtls/ctr_drbg.h>
+#include <mbedtls/ecdsa.h>
+#include <mbedtls/sha256.h>
+#include <mbedtls/pk.h>
+
+/*
+ * Uncomment to force use of a specific curve
+ */
+#define ECPARAMS MBEDTLS_ECP_DP_SECP256R1
+
+bool crypto_gen_priv_key()
+{
+    int ret = 1;
+
+    const char *pers = "ecdsa";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_entropy_init(&entropy);
+
+    mbedtls_ecdsa_context ctx_sign;
+    mbedtls_ecdsa_init(&ctx_sign);
+
+    mbedtls_ctr_drbg_context ctr_drbg;
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *)pers,
+                                     strlen(pers))) != 0)
+    {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        reboot();
+    }
+
+    // Generate private key
+    if ((ret = mbedtls_ecdsa_genkey(&ctx_sign, ECPARAMS,
+                                    mbedtls_ctr_drbg_random, &ctr_drbg)) != 0)
+    {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdsa_genkey returned %d\n", ret);
+        reboot();
+    }
+
+    mbedtls_pk_context key_ctx;
+    mbedtls_ecp_gen_keypair
+
+    mbedtls_pk_write_key_pem()
+}
\ No newline at end of file
diff --git a/esp32_device/main/crypto.h b/esp32_device/main/crypto.h
new file mode 100644
index 0000000..e53bc04
--- /dev/null
+++ b/esp32_device/main/crypto.h
@@ -0,0 +1,21 @@
+/**
+ * Cryptographic functions
+ */
+
+#pragma once
+
+#include <stdbool.h>
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+    /**
+     * Generate device private key, if required
+     */
+    bool crypto_gen_priv_key();
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/esp32_device/main/dev_name.c b/esp32_device/main/dev_name.c
index b341b86..e84c24b 100644
--- a/esp32_device/main/dev_name.c
+++ b/esp32_device/main/dev_name.c
@@ -8,7 +8,7 @@
 
 #define DEV_PREFIX "ESP32 "
 
-bool dev_generate_name_if_required()
+bool dev_generate_name()
 {
     // Check if a device name has already been defined
     if (storage_get_dev_name(NULL) > 0)
diff --git a/esp32_device/main/dev_name.h b/esp32_device/main/dev_name.h
index 0fb9b54..8ac5382 100644
--- a/esp32_device/main/dev_name.h
+++ b/esp32_device/main/dev_name.h
@@ -14,12 +14,7 @@ extern "C"
     /**
      * Generate random device name, if not existent
      */
-    bool dev_generate_name_if_required();
-
-    /**
-     * Clear device name
-     */
-    void dev_remove_name();
+    bool dev_generate_name();
 
     /**
      * Get current device name. This value MUST be freed after usage
diff --git a/esp32_device/main/main.c b/esp32_device/main/main.c
index 5b01812..0041e0c 100755
--- a/esp32_device/main/main.c
+++ b/esp32_device/main/main.c
@@ -3,6 +3,7 @@
 
 #include "dev_name.h"
 #include "storage.h"
+#include "system.h"
 
 void app_main(void)
 {
@@ -11,15 +12,19 @@ void app_main(void)
     if (storage_init() == false)
     {
         printf("Failed to init storage!\n");
-        fflush(stdout);
-        esp_restart();
+        reboot();
     }
 
-    if (dev_generate_name_if_required())
+    if (dev_generate_name())
     {
         printf("Generated a new device name\n");
     }
 
+    if (crypto_gen_priv_key())
+    {
+        printf("Generated device private key!\n");
+    }
+
     char *name = dev_name();
     printf("Dev name: %s\n", name);
     free(name);
diff --git a/esp32_device/main/system.c b/esp32_device/main/system.c
new file mode 100644
index 0000000..82d1e96
--- /dev/null
+++ b/esp32_device/main/system.c
@@ -0,0 +1,9 @@
+#include "system.h"
+
+#include "esp_system.h"
+
+void reboot()
+{
+    fflush(stdout);
+    esp_restart();
+}
\ No newline at end of file
diff --git a/esp32_device/main/system.h b/esp32_device/main/system.h
new file mode 100644
index 0000000..0dbba7e
--- /dev/null
+++ b/esp32_device/main/system.h
@@ -0,0 +1,19 @@
+/**
+ * System functions
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+    /**
+     * Reboot ESP32
+     */
+    void reboot();
+
+#ifdef __cplusplus
+}
+#endif