T-Systems GEI GmbH, BU ITC Security confirms the Security Test and Firmware Review of the Discretix Crypto Coprocessor developed by Discretix Technologies Ltd. with the following result:
"The firmware has been found to have no major defects and is of very good quality. The security evaluation concludes that the software includes effective and state of the art protection measures (both algorithmic and specific coding) for the handling of cryptographic keys and other security relevant data."
"The investigated implementation of the cryptographic mechanisms (PKI-engine and DES-engine) are not found to be vulnerable to side channel analysis including simple power analysis (SPA), differential power analysis (DPA), timing analysis (TA) and fault analysis (FA)."
"The evaluators invested for their investigation several months,high expertise and special
equipment".
Visa 3-D SecureT Mobile Authentication Scenarios
"A secure element in the phone may be used to store sensitive information including authentication symmetric keys. For example, the emerging Binary Runtime Environment for Wireless (BREW) defines an application platform in CDMA phones that can hold secure applications and data. An effort led by major phone manufacturers - the Mobile Electronic Transaction Forum (MeT) - is considering methods for defining secure hardware zones within the phone. "
"Discretix has developed a solution - CryptoCell - that provides secure storage of the symmetric keys within the phone, embedded in the baseband chip. The solution creates a secure zone where keys and session keys, PINs, retry counters, and other sensitive information can be secured.
|
