banner_products_page_boot

Discretix Secure Boot (DxSB)

Discretix' Secure Boot provides an effective protection mechanism against software attacks, authenticating the software image during device boot, and detecting any illegal updates that occurred while the device was powered-down.

 

Market Needs

Offline software modifications attacks aimed at illegal software updates, are the most common form of attack on devices. Offline attacks are harder to prevent, particularly because the device is powered-off. Offline protection can however be provided by identifying any modification that has occurred once power is restored.

Highlights

Secure Boot routine – verify software image integrity at boot time, detecting off-line software image tampering and unauthorized software image updates

Software version revocation – once the software image is legally updated, an attacker is prevented from rolling-back to a previous potentially exploitable software image

Vendor Key Revocation – enable revocation of the private key of compromised software image

Software/Hardware options – choice of software-only solution, or a combined software-hardware solution for increased performance

Platform-Independent – Portable and reusable ANSI-C secure boot code, applicable to numerous embedded markets

Multiple software vendors – supports chaining of keys, enabling attestation of multiple software vendors

Field-proven – installed in numerous devices on the market

 

Technical Overview

The DxSB prevents offline attacks modifying the software image on flash. During system boot, DxSB verifies that the software image has not been tampered with or modified, guaranteeing a known and trusted starting point. The DxSB routine runs from on-chip ROM, guaranteeing that it cannot be bypassed. The authentication of the software image is carried out by comparing the SHA256 digest of each designated software component in memory with the expected value provided by the device maker. A modification can be detected even if a single bit in memory has been altered. The list of expected SHA256 digest values is signed with the device maker's private key. DxSB uses the available device maker's public key in order to verify that the list was not forged by an attacker.

Using a PC-based tool, the device maker aggregates the software components to a coherent image for boot authentication. The PC tool prepares the list of SHA256 digest values, signing them with the device maker’s private key.

The device maker may periodically release a new version of software, often to address critical and/or exploitable bug. DxSB supports software version revocation by including a version counter, that is able to authenticate the version currently being booted.

In case the private key used to sign the software image has been compromised, DxSB supports vendor key revocation. The moduke can be instructed to move to a second (or third, or forth) private-public key pair. While the device maker puts the primary software image on the device – the DxSB routine supports additional software images – added by other vendors, and be chained together and authenticated during boot.

Block Diagram



 

 

 

 

 

 

 

 

Configuration Options


Click to enlarge

Example Performance

System setup:

- Host processor running at 200MHz
- Hardware SHA256 running at 100Hz
- 10MByte image size
- 1024-bit RSA signature




 :

 

 

For more information, please fill in the brief form below :

Fill in the form to request additional information
  1. Full Name(*)
    Please type your full name.
  2. Title
    Invalid Input
  3. E-mail(*)
    Invalid email address.
  4. Country(*)
    Invalid Input
  5. Country Dailing Code(*)
    Invalid Input
  6. Area Code(*)
    Invalid Input
  7. Phone Number(*)
    Invalid Input
  8. Company(*)
    Please type your full name.
  9. Please enter the numbers displayed
    Please enter the numbers displayed
    Invalid Input
Contact us for more information