M-Shield

From MILEDROPEDIA
Jump to: navigation, search

Mobile Security Technology solution

Built-in OMAP and OMAP-Vox platforms

Hardware platform includes

  • Hardware Cryptography Accelerator
  • Secure On-Chip Keys
  • Secure Booting and Flashing
  • Secure DMAs
  • Secure Environment (SE)
  • Secure Chip-Interconnect

Software platform includes

  • M-Shield Security Middleware Component (SMC): integrates
  • TrustZone Software to its system-level security framework
  • Provides a security framework supporting TrustZone
  • Software APIs across its OMAP family of products

Texas Instruments Secure Environment (SE)

Execution environment with hardware countermeasures against attacks for safe execution of sensitive authorized software Access to Secure RAM and Secure ROM Code To integrate TrustZone Hardware extensions when available TrustZone Software integration includes Secure Environment Handling Cryptography HAL Implementation Secure DMA Handling

Cryptography HAL of M-Shield

Interfaces cryptographic hardware accelerators and cryptographic libraries of the SE including Symmetric algorithms DES, 3DES AES Asymmetric algorithms with several optional padding schemes for encryption and signature RSA DSA Diffie-Hellmann SHA-1, MD5 Random number generation Uses chip unique keys Uses Secure DMAs for fast and secure data processing Provides several usage modes “Raw” mode for the basic algorithms Combination of algorithms such as the ones defined by PKCS#1 to ease protocol implementation and obtain higher security

TZSW Secure Storage

Secure Storage Uses chip unique keys for authenticity and encryption Replay attack protection Uses cryptographic hardware accelerators and cryptography libraries

Misc

Security sensitive operations are processed within the SE and are implemented in the TZSW HAL implementation Cryptographic keys never get out of the SE in clear During processing, from outside the SE, keys are always handled opaquely Managed securely in Secure RAM Cryptographic processing is handled within the SE RNG, SHA-1/MD5, DES/3DES, AES and public key computations are accelerated using Cryptographic Hardware Accelerator