Over the past few years security has become a prominent issue for our partners and their customers. However, OEMs, silicon providers (SiPs) and developers still encounter a number of challenges when developing security solutions.
Some of these challenges include: the increased value of the assets that our devices use daily (e.g. premium content and machine learning (ML) /artificial intelligence (AI) algorithms); the complex regulatory requirements of the Chinese market; and the delay in the time-to-market when security features need integration with existing IP. In addition to these challenges for our partners, according to a soon to be released survey from Arm as part of our updated Security Manifesto, security industry experts think that almost half of consumers are “generally oblivious” to how secure their products are, presenting a consumer education challenge as well.
To address all these challenges, Arm is announcing its most comprehensive CryptoCell security IP, aimed at performant systems, to date. CryptoCell-713 is focused on several use cases, with the new IP offering an outstanding level of security and targeting a broad range of threats, devices and markets, including mobile, DTV, set-top boxes (STB) and the Chinese market. It provides a comprehensive set of components, including hardware, firmware and software adaptation layers and tools, as well as simple and easy integration packages for hardware and firmware.
In addition to CryptoCell-713, Arm is announcing a sister product – CryptoCell-703 – for partners who want to augment their existing security solution with the missing, but vital, Chinese crypto functionality.
High performance and robustness for China
CryptoCell-713 and CryptoCell-703 enable high-performance, energy efficient, security functions for everyday use cases that require Chinese crypto functions (SM2/3/4), such as content protection and banking. Both products are meeting the China DRM certification requirements for all profiles, including Enhanced Content Protection requirements. For future-proofing, Arm is providing the Chinese ciphers as a GM/T 0028-214 (the Chinese equivalent of FIPS 140-2 – the U.S. security standard that is used internationally) compliant implementation. In addition, CryptoCell-713 is FIPS 140-2 certifiable, similar to the recent certification of CryptoCell-712. Using just CryptoCell-703 allows our partners to target the Chinese market without dropping their existing security design.
Flexible IP across a range of devices and business areas
CryptoCell-713 delivers high-performance, robust, platform security to a range of devices, notably mobile, DTV, and set-top boxes. Both CryptoCell-713 and CrytpoCell-703 are also be available with enhancements that mitigate side-channel attacks – this enables premium content consumption. Another robustness increase in this new generation is coming from new provisioning infrastructure (delivered as tools, hardware roots of trust and on-device firmware) enabling asset delivery to devices’ secure storage with complete isolation from manufacturing processes.
A large pain-point for SiPs and developers is the time it takes to integrate security features into their systems. This is particularly relevant for mobile, DTV and STB SoCs, which are increasingly complicated and comprised of many different sub-systems. Arm invests in the pre-integration of CryptoCell with Arm IP, including TF-A and the Mali Multimedia suite, with such integrations greatly reducing the time-to-market for SiPs and developers. Specifically, in content consumption use cases, which might be “day long”, an important outcome of this pre-integration is valuable information available to partners on efficiency benefits resulting from using CryptoCell (as opposed to using software crypto).
In parallel, Arm continues its track record of helping partners through offering – in addition to the comprehensive security IP products – access to Trusted firmware-A, which is providing an implementation of a Trusted Boot Process and other valuable software. In addition, we intend to make it even easier for the eco-system to improve security by making our Trusted Base System Architecture (TBSA) specification for devices such as mobile, DTVs and STBs public in the next few weeks. The document presents a System on Chip (SoC) architecture that supports Trusted Services compliant with key industry security standards. Alongside the FIPS and Chinese standards’ certification readiness, all of this can save tens of man-years of software development.
Enables ML features
With AI and ML playing an increasingly prominent role in most modern security features on mobile, such as face ID and voice recognition, having a security solution able to support these technologies is becoming ever more important. When ML developers deploy their ML model to a mobile device, they can lose control over how it is accessed or used, which presents security challenges, as data stored on a mobile device can be unprotected. In response to these challenges, CryptoCell-713 supports the full framework for using software image encryption, based on hardware bounded keys provisioned securely.
IP that addresses all the security challenges
In summary, CryptoCell-713 and CryptoCell-703 comprehensively address the various pain-points that OEMs, SIPs, developers and other partners feel when developing security solutions. Both deliver high-performance security functions in the challenging Chinese market, meeting the regulatory requirements needed to ensure a number of everyday use cases on mobile devices. CryptoCell-713 delivers high-performance security across a range of connected devices that now provide content to users and require robust security solutions. It also narrows the time-to-market for SiPs through providing an integrated security solution, which includes existing Arm IP. Meanwhile, CryptoCell-703 provides the Chinese crypto functionality for partners that already have a functioning security solution. Overall, our latest security IP aims to make our partners and their customers’ lives easier, while creating a more secure ecosystem for everyone.
Find out more information about the CryptoCell-713 and CryptoCell-703 products here: https://www.arm.com/products/silicon-ip-security/crypto-cell-700
For more information about Arm’s security solutions visit: https://www.arm.com/solutions/security
Arm technology is at the heart of a computing and connectivity revolution that is transforming the way people live and businesses operate. Our advanced, energy-efficient processor designs have enabled the intelligent computing in more than 125 billion chips. Over 70% of the world’s population are using Arm technology, which is securely powering products from the sensor to the smartphone to the supercomputer. This technology combined with our IoT software and device management platform enable customers to derive real business value from their connected devices. Together with our 1,000+ technology partners we are at the forefront of designing, securing and managing all areas of compute from the chip to the cloud.
All information is provided "as is" and without warranty or representation. This document may be shared freely, attributed and unmodified. Arm is a registered trademark of Arm Limited (or its subsidiaries). All brands or product names are the property of their respective holders. © 1995-2018 Arm Group.