Embedded security you can trust

Middleware

The EllipsysTM Security Architecture (ESA) pictured below consists of five distinct products encompassing symmetric and asymmetric cryptography libraries, the Ellipsys Trust Framework, SRTP, Linux IPsec and a comprehensive DTCP stack. The architecture offers a well defined, uniform API combining industry standard PKCS #11 elements with proprietary extensions to support third party applications software. A key capability of the ESA is the ability to choose between hardware and software security primitives as well as the ability to integrate platform security elements such as secure boot and certificate/key management.

When used with Elliptic hardware, a wide variety of use models are available supporting single crypto cores all the way up to sophisticated packet processing engines. The ESA can also be adapted to hardware offload engine available in off the shelf processors through board support packages written either by Elliptic or by customers. The ESA is coded to be highly portable and is licensed in source code to facilitate platform re-targeting.



For an expanded view, please click on this link

Elliptic is dedicated to delivering a product of the highest quality as indicated through its industry leading ISO 9001:2008 qualification achieved in 2009. All symmetric and asymmetric libraries have been accredited by third party testing laboratories under the National Institute of Standards and Technology (NIST) crypto validation program (CAVP). The DTCP stack has been subjected to rigorous testing with tools provided by Intel and third party interoperability conducted with a leading consumer electronics manufacturer based in Japan.

The Ellipsys ESS-01 offers symmetric cryptographic functions including AES in multiple modes such as CBC, GCM and CCM, 3DES, SNOW 3G, all SHA variants and keyed hashes (HMAC). This library has been certified by a third party laboratory as being compliant with the NIST Cryptographic Validation Program (CAVP), which ensures that the algorithms can be used in products requiring FIPS 140 validation.

The Ellipsys ESS-02 supports a rigorously tested set of public key functionality including sign and verify operations, and RSA encryption and decryption algorithms. Release 3.1 of the library offers support for prime field Elliptic Curve Cryptography including all NIST approved prime field curves and those required for National Security Agency (NSA) Suite B compliance.

The ESW-01 implements a complete DTCP stack which supports DTCP-IP. Elliptic plans to introduce variants of the the DTCP stack to support HDCP Version 2.0 and Wireless HD. Please subscribe to the RSS feed for product updates to be kept abreast of new product releases.

For quick, efficient implementation of a high-performance IPsec solution, Elliptic offers the ESS-03 Linux IPsec Middleware. Over the last few years, Linux Kernel IPsec has been enhanced to accept a variety of hardware offload solutions. The ESS-04 easily integrates crypto and hash cores as well as the CLP-25 and CLP-36 ESP/AH packet processor offload engines into Kernel IPsec.

Elliptic offers the ESS-04 Ellipsys-SB, a bootstrap loader which allows customers to build a secure boot and secure update solution in software only, with hardware assist or with a blend of both methodologies. Secure boot has become very commonplace in electronic products to ensure that the code has not been maliciously or inadvertently modified.

The ESS-05 SRTP Toolkit offers a software solution for Secure Real Time Protocol applications. SRTP is the security layer in the Real Time Protocol for transmission of VoIP and streaming video content over the Internet.

In deploying anti-cloning systems or protecting valuable IP through a value chain, customers have to administer keys and certificates and cryptographically sign code. The ESS-06 provides credential management and supports the distribution of inherited trust through manufacturing and OEM production lines. Customers can use Ellipsys-CA to quickly and efficiently deploy the secure deployment of anti-tampering, anti-cloning and secure boot technologies.

The ESS-07 is designed to provide a software system that manages and protects highly sensitive information such as keys and certificates, in embedded system environments. Ellipsys-VSM (Virtual Security Module) implements many of the features of a Hardware Security Module (HSM) with the goal of greatly enhancing the security of software solutions when HSMs are either too costly or not feasible.