 |
 |
 | 
|
|  |  |  BLOG | CONTACT US
|
 |
 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|||||||||||||||||||||||||||||||||||||||||||
 |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
PRODUCTS & SOLUTIONS Platforms  CryptoCell® CryptoFlash® Anti-Cloning | Anti-Hacking Peripheral Binding Secure DiskContent Protection Multi-Scheme DRM Client OMA DRM WM DRM CPRM Mobile TV Security ClientModules IPSec Accelerator Cryptographic Accelerators
PKA,
AES,
DES,
HASH,
RNG Cryptographic Software Library HDCP Secure Database Secure Boot Key Storage & Management Certificate Handling |
 |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Discretix Secure Boot (DxSB)Discretix' Secure Boot provides an effective protection mechanism against software attacks, authenticating the software image during device boot, and detecting any illegal updates that occurred while the device was powered-down.Market NeedsOffline software modifications attacks aimed at illegal software updates, are the most common form of attack on devices. Offline attacks are harder to prevent, particularly because the device is powered-off. Offline protection can however be provided by identifying any modification that has occurred once power is restored. Highlights
Technical Overview The DxSB prevents offline attacks modifying the software image on flash. During system boot, DxSB verifies that the software image has not been tampered with or modified, guaranteeing a known and trusted starting point. The DxSB routine runs from on-chip ROM, guaranteeing that it cannot be bypassed. The authentication of the software image is carried out by comparing the SHA256 digest of each designated software component in memory with the expected value provided by the device maker. A modification can be detected even if a single bit in memory has been altered. The list of expected SHA256 digest values is signed with the device maker's private key. DxSB uses the available device maker's public key in order to verify that the list was not forged by an attacker. Using a PC-based tool, the device maker aggregates the software components to a coherent image for boot authentication. The PC tool prepares the list of SHA256 digest values, signing them with the device maker’s private key. The device maker may periodically release a new version of software, often to address critical and/or exploitable bug. DxSB supports software version revocation by including a version counter, that is able to authenticate the version currently being booted. In case the private key used to sign the software image has been compromised, DxSB supports vendor key revocation. The moduke can be instructed to move to a second (or third, or forth) private-public key pair. While the device maker puts the primary software image on the device – the DxSB routine supports additional software images – added by other vendors, and be chained together and authenticated during boot. Block Diagram  Configuration Options  Click to enlarge Example Performance System setup: - Host processor running at 200MHz - Hardware SHA256 running at 100Hz - 10MByte image size - 1024-bit RSA signature  For more information, please fill in the brief form below : Contact us for more information
|
Key Benefits:
Key Features:
Deliverables
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
 |
 |
 |
 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||||||||||||||||||||||||||