Secure boot can greatly enhance the security of an embedded system by cryptographically verifying that the code being loaded and executed is authentic and has not been unknowingly or maliciously modified. Once a feature of high security applications, these techniques are now being adopted by a broad range of products from mobile phones, tablets, and set-top boxes to networking systems such as base stations, routers and other infrastructure devices.
The compact, flexible DesignWare Secure Boot SDK allows developers to implement secure boot systems using software-only constructs or with Synopsys offload engines, accelerating verification and decryption operations in the target system. Secure boot systems rely on well-proven cryptographic algorithms for verifying signed code, and optionally decrypting code, to ensure that the processor is initialized into a known state and executes code from a trusted source. The DesignWare Secure Boot SDK supports a variety of system requirements and boot sequences via a simplified two-phase secure bootstrap process that loads only executable code signed by a trusted entity.
DesignWare Secure Boot Software Development Kit
Downloads and Documentation
- Based on NIST CAVP validated cryptographic algorithms and standards
- AES-CCM and AES-CTR content encryption
- SHA-256 hashing
- RSA PKCS #1 and X9.62 EC-DSA verification
- C source code with simple build options
- Very small code footprint
- Flexible architecture
- Support for hardware acceleration and / or isolation
- Run-time checking capability during system operation
||Secure Boot Software Development Kit