Anti-tamper security solution for embedded devices Ubiquitous Securus Use secure hardware to prevent data leakage and tampering

Main functions

Encryption / decryption function

AES encryption and decryption function using a common key, and RSA encryption and decryption function using a public key. If the hardware has the corresponding function, use the hardware function. For hardware that does not have this function, use a software processing engine.

Hash function

Hash calculation function.

Message Authentication function

Hash-based message authentication function and Crypto-based message authentication function.

Signature generation / verification function

Signature generation / verification function using public key. If the hardware has the corresponding function, use the hardware function. In an environment that does not have the corresponding function, a software processing engine is used.

Secure Storage function

This function stores and uses confidential data such as device-specific digital certificates and encryption keys in a secure and appropriate encrypted form using secure hardware.

Content Protection function (Optional)

A function to securely local-encrypt stream data such as content data and continuously acquired sensor data. This locally encrypted data will be stored securely, so it is impossible to use it illegally even if it is leaked or wiretapped.

Key Pair Generation function

This function generates RSA key pairs and EC key pairs.
RSA key pairs support key lengths of 1024, 2048, 3072, and 4096 bits.
EC key pairs are compatible with NIST Curve P-192, P224, P-256, P384, P521.

EncryptKey function

A function that can designate key information that has been concealed (encrypted) in advance as key information to be used in a cryptographic function.

KeyBox function

A function that uses cryptographic key information that has been specified in the KeyBox and stored securely in advance in the cryptographic processing function. The encryption / decryption function can be used without the user application touching the actual data of the key. Encryption key information is specified by the name in the key box. It is also possible to specify a KeyBox as the key storage destination of the Key Pair Generation function.

Channel function

A function that allows the user of the cryptographic function to specify whether the processing of the cryptographic function is performed only by software, or if hardware is available, the hardware is given priority.

Supported cryptographic function

Public Key
Cryptography
SignatureECDSA
RSASSA-PKCS#1-v1.5 (Sign)
RSASSA-PKCS#1-v1.5 (Verify)
RSASSA-PSS (Sign)
RSASSA-PSS (Verify)
ConfidentialityRSAES-OAEP
Common Key
Cryptography
Block CipherAES [128,192,256]
Crypt Usage ModeCBC
CTR
ECB
Authenticated CipherGCM [128,192,256]
CCM [128,192,256]
HashHash FunctionSHA-1
SHA-224
SHA-256
SHA-384
SHA-512
MD5
Message
Authentication
Hash-basedHMAC_SHA1*
HMAC-SHA224*
HMAC_SHA256
HMAC-SHA384*
HMAC-SHA512*
HMAC_MD5*
Crypto-basedCMAC [128,192,256]

* : It will be supported in a future release.

Find a Product