Home > Products > Semiconductor IP > Platform Security Engines

Platform Security Engines

Providing comprehensive system, application and content security

The demand for combined network security and secure platform functionality has exploded with the massive growth of mobile networking applications, smartphones, femtocell access points, smart-grid market applications, and home-based gateways. INSIDE Secure’s Platform Security Engines are IP cores that secure the customer’s platform, like the SafeZone Trusted Module and SafeXcel Crypto Module, allowing such devices to securely generate, store and use sensitive data like cryptographic keys, digital identities, and sensitive stored data.

INSIDE Secure’s Embedded Secure Platform is a complete solution to Protect:

Sensitive Data
... Against exposure
... Against modifications
... Against unauthorized access

Devices Against Hackers
... Trying to reinstall hacked OS versions
... Trying to copy hacked software images to other devices
... Installing worms and viruses on the device
... Replacing critical applications by modified or fake versions
... Trying to install modified system updates

Device Manufacturer’s System Software
... Against illegal copying

SafeXcel™ IP-123 Secure Platform Crypto Module

Part of INSIDE Secure’s award-winning silicon IP product portfolio, the SafeXcel™ IP-123 Crypto Module is an IP core for providing maximum performance to security sensitive applications in a variety of ways. By using dedicated hardware accelerators, the Crypto Module provides a first performance boost compared to software execution on the host processor. The second boost comes from the use of quickly accessible local storage inside the Crypto Module, which eliminates time consuming Memory Management Unit overhead. For the most computationally intensive applications, such as secure streaming audio and video (including broadcast), the Crypto Module provides a High Speed Streaming Interface.

The SafeXcel-IP-123 Crypto Module provide Hardware cryptographic algorithm implementations for optimal performance, user experience, battery life time and robust security:

  • AES, SHA-1, SHA-256, ARC4 for fast and low power symmetric crypto operations
  • PKA (Public Key Acceleration) supporting Secure Boot image signature verification
  • TRNG (True Random Number Generator) providing on chip Hardware Number Generation
  • Access to platform Trust Anchor (Root of Trust in NV memory such as On chip OTP, e-Fuse, ROM, Flash) to store manufacturing-time secret data such as a Hardware or Device Unique Key and us it only inside the confines of the Crypto Module

SafeZone™ Middleware Components

The SafeZone middleware components provide platform level security to applications, hiding the details of security implementation. It is a middleware software layer on top of the driver libraries controlling the SafeXcel-IP-123 Secure Platform Crypto Module.

  • PKCS#11 API for application integration
  • Cryptographic (software) library providing cipher functionality to applications
  • Secure External Object Storage library for storing objects in encrypted form into external off chip memory
  • Secure Internal (Key) Asset Lockbox Library, safeguarding the correct use for key and IV material
  • Certificate library, providing Certificate verification form DRM applications
  • Secure Boot library, providing binary image integrity, authenticity and optional confidentiality
  • Image Signing and Encryption tools
  • Hardware enablement for SafeXcel-IP-123 Crypto Module

Benefits

  • Complete hardware/software system
  • High-speed Crypto Module with medium speed Public Key accelerator
  • Silicon-proven implementation
  • Fast and easy to integrate into SoCs
  • Flexible layered design
  • Generic driver libraries for Crypto/Hash/TRNG and PKA modules
  • Easy portability & multiple OS support
  • No need for in-house crypto expertise
  • Open Standard APIs
  • Migration path from software-only to hardware-supported implementations
  • Complete range of configurations
  • World-class technical support