Lockbox™ Secure Technology for Analog Devices Blackfin Processors is based upon the concept of authentication of digital signatures using standards-based algorithms and provides a secure processing environment in which to execute code and protect assets. Lockbox Secure Technology is comprised of a combination of hardware and software mechanisms that provide the means for developers to implement security measures that range from safeguarding secrets such as OEMs' intellectual property, to verifying the identity of devices and users for protected e-commerce and social networking, to digital rights management (DRM) content protection.
More specifically, Lockbox Secure Technology provides one-time programmable (OTP) memory and a secure processing mode (Blackfin Secure Mode) to enable these capabilities. Its public, non-secure, user-programmable area of OTP memory is suited for storing public keys to authenticate the system in a manner that is controllable and configurable by the developer. A private, secure, user-programmable area of OTP memory lets developers program their own private device assets such as private keys, and maintain the confidentiality and integrity of those assets. Furthermore, using Secure Mode on Blackfin allows systems to be implemented in which only authenticated, trusted code is allowed to execute on the processor within a secure processing environment.
The diagram shown above represents a simplification of the digital signature creation and verification process implemented in Lockbox.
Lockbox Secure Technology uses standards-based cryptographic algorithms. Digital Signature Authentication on ADSP-BF54x and ADSP-BF52x utilizes the following:
ECDSA Signature Verification, a subset of ECDSA, is implemented in the ADSP-BF54x and ADSP-BF52x products. 3
1These implementations are based on the Elliptic Curve Digital Signature Algorithm (ECDSA) specified in FIPS 186-2 with Change Notice 1 dated October 5, 2001, Digital Signature Standard (DSS), and specified in ANSI X9.62-1998.
2SHA-1 is based on the publicly available standard for FIPS 180-2 (Secure Hash Signature Standard (SHS) (FIPS PUB 180-2).
3ECDSA implementation on these Blackfin products only supports the Koblitz curve.