Is your Android Apps Processor Ready for Premium Services? Gal Adler, Dir. Marketing IP products November 2013

Post on 07-Sep-2020

Page 1: Is your Android Apps Processor Ready for Premium Services?armtechforum.com.cn/2013/3_Discretix.pdf · 2013. 12. 8.  · Service Provider Assets DRM schemes keys Payment service key

Is your Android Apps Processor Ready for Premium Services?

Gal Adler, Dir. Marketing

IP products

November 2013

Topics

Premium Services

Applications Processors

Security

Drivers for AP Security

Secure Platform Requirements

AP Security Platform Requirements

Traditional IC requirements

• Operational Flexibility

• Features

• Performance

• Cost

Security Requirements

• Secure Code Execution

• Secure Assets handling

• Secure Storage

• Content (video/audio) Protection

• Strong Cryptography

Challenges in designing security solutions

HD Content: New Security Risks

Android (open OS) forces a HW-assisted DRM implementation

Running DRM in TEE does not cover all risks: decrypted, compressed content must be protected when transferred to the video engine, using a Secure Content Path

Content can be streamed to other devices. The Output Link must be protected too!

New Security Risks

Secure Asset Provisioning

[Diagram: secure asset provisioning flow. Labels: OEM Assets (DRM schemes keys, Secure boot key, Payment service key); Secure Site; Untrusted Zone ODM/CM; Chip level provisioning secret; Encrypted package; Device (secure Storage); Service Provider Assets (DRM schemes keys, Payment service key, Future Services); In Field Provisioning]

Secure Assets must be protected on the way from OEM HQ to the device secure storage.

The provisioning scheme has to be put in place by the ICV. It should:

• Prevent secret leakage between OEMs

• Be extensible for OTA provisioning (by service providers)

Performance Aspects

[Diagram: Application Processor software stack. Labels: HLOS, Applications, Multimedia framework, DRM Plugin, TEE driver, Crypto Linux driver, Comm. mechanism, Secure OS, Secure Applications, CRYS API, Secure Storage API, Crypto driver, Crypto h/w, 1ms]

Problem: How to efficiently process Secure data intensive DRM/CP operations

Widevine, HDCP, PlayReady, DTCP-IP, CPRM, …

• HLOS to SOS switchover cost is high (typically 1ms)

• SOS execution is blocking

• DRM operation executed N times per frame (30-60fps x N)

Result: high processing overhead. Increased power, high latency and low throughput

Discretix Proprietary and Confidential, May 2013

Technical Challenges: Cryptographic Engines

Design for mobile systems

• Required crypto support and performance

• Optimize implementation between hardware and firmware

• Tradeoff between flexibility and performance and size

• Minimize power consumption

Countermeasures

• SPA, DPA

• Timing attacks

• Fault attacks

Random Number Generation

• Generating quality random seed with digital means

• Entropy must meet rigorous standards (FIPS, NIST)

• Build a standard compliant Pseudo RNG process

Verification

• Extensive testing and validations required

• Security solution requires a new set of automatic tools and coverage tests

Standards Compliance and Certification

Application Processors must conform to a wide array of security standards

ICV must continuously monitor the standards to ensure on-going compliance

Contact relevant operators and service providers for security requirements

Examples of applicable standards:

System Security Architecture: TBSA-2, TBRR

OMTP TR1 v1.1 profile 2

GlobalPlatform TEE PP

FIPS 140-2 certification

DRM and link protection schemes:

Cryptography Standards: PKCS#1 (RSA Cryptography Standard (versions 1.5 and 2.0)), PKCS#3 (Diffie-Hellman Key Agreement Standard), PKCS#10 (Certification Requests), PKCS#11 (Cryptographic Interface Standard), PKCS#13 (Elliptic Curve Cryptography Standard), SEC1 (Elliptic Curve Cryptography Standard), ANSI-X9.63 (ECDH Elliptic Curve Cryptography Standard), FIPS 81 (DES Modes of Operation), FIPS 46-3 (Data Encryption Standard (DES)), RFC 2246 (TLS version 1.0), WAP-261 (WTLS, class 2 and 3), FIPS 190 (Guideline for the Use of Advanced Authentication Technology Alternatives), ISO 11770 (Key Management, Part 1: Framework), ISO 10116 (Modes of Operation for an n-bit Block Cipher), RFC 1321 (MD5), FIPS 74 (Guidelines for Using the NBS DES), FIPS 180-1 (Secure Hash Standard), ANSI-X3.106 (DES Modes of Operation), ANSI-X3.92 (Data Encryption Standard (DES)), ANSI-X9.52 (Triple DES Modes of Operation), FIPS 197 (AES Advanced Encryption Standard), ANSI X9.42 (Implementation of Diffie-Hellman), FIPS-SP-800-2 (Random Number Testing), ISO 9594-8 (The Directory: Authentication Framework), RFC 2818 (HTTP Over TLS), X.509 (Public-key Certificate Standard), RFC 2511 (Certificate Request Message Format)

Secure Platform Design Challenges – Summary

System Level Approach

Secure Content Path

Performance Aspects (ex. Crypto processing in the TEE)

Secure Power Management

Operational Aspects

Secure Asset Provisioning

Security Lifecycle Management

Debug and testability

Cryptographic design (hardware and firmware)

Performance/power/size tradeoffs

Software and Hardware Countermeasures against side-channel attacks

Testing and validation

Integration with crypto libraries

Design for Standards compliance, Certification and Interoperability

Monitoring and analyzing security standards

Secure Coding practice

CryptoCell® for TZ Security IP Objectives

CryptoCell® for TZ - a fully featured security solution for AP SoC

Complete the TrustZone ecosystem

Reduce secure platform design cost and TTM

Designed for ARM TrustZone Architecture

Optimized performance for Mobile Devices

Standards Compliant

GlobalPlatform

ARM blueprints

FIPS-140-1

Pre integrated with Security Software

Market Proven

Discretix at a Glance

Facts & Figures

• Founded in 2000

• VC backed - $25M in funding

• 100 employees (~75 R&D)

• 17 Patents

Worldwide Presence

• HQ – Israel

• Santa Clara, USA

• Tokyo, Japan

• Taipei, Taiwan

• Seoul, Korea

• Beijing, China

Customers

• Chipsets and Platforms

• Service Providers

• Devices

Recent Design-Wins

• HTC ONE

• Sony Xperia Z

• LG G2

• Motorola Moto X

Summary

Security capabilities are needed for enabling premium services

Today, we discussed some of the implications for Application Processor SoC architecture

We will be happy to meet and discuss in more detail

Thank you!
