Elliptic Technologies has announced the immediate availability of its highly programmable and configurable security accelerator and Hardware Security Module, SPAcc-HSM. This unique security engine provides reliable protection for sensitive data and transactions and can be shared simultaneously with an application processor that requires lower levels of security.

Digital Rights Management (DRM) and content protection standards, such as Digital Transmission Content Protection (DTCP) demand robust security schemes to protect sensitive key information from non-authorized use. Elliptic’s SPAcc-HSM provides a highly-secure infrastructure for key storage and high-throughput cryptographic operations, and at the same time it can be shared securely and reliably with an application processor that has lower security needs.

“For many systems and SoCs, it is very important to protect and differentiate secure transactions such as key management from other transactions.” said Vijay Dube, President and CEO of Elliptic Technologies. “Our main goal with the security protocol accelerator SPAcc-HSM is to offer our customers the ability to share a single proven, cost and power-efficient engine between processors with different levels of security.”

The SPAcc-HSM provides specialized access control to key management and application processors and ensures that the security boundaries between the two domains are strictly enforced. The sharing of cryptographic resources between the two processors allows for significant gate count reduction and smaller memory footprint.

According to university researchers, most of the Android based phones used today can leak secret information used to access Google Calendar, Contacts and other sensitive data. The main flaw for this security weakness is the ClientLogin authentication protocol used in version 2.3.3 and earlier versions of Android. “Quite easily”, hackers can take advantage of the security hole and launch impersonation attacks against Google services.

Google patched the security hole recently with the release of Android 2.3.4, but some security deficiencies related to Picassa web albums still exist. And unfortunately even if patches are available, it still takes Google’s partners months to upgrade to the latest versions of Android.

The recently published Request For Comments RFC 6176 prohibits the use of Secure Sockets Layer (SSL) Version 2.0 when Transport Layer Security (TLS) clients and servers establish connections. SSL 2.0 has been removed because it does not provide a sufficient level of security.

Networks administrators now have to ensure that the use of SSL 2.0 is prohibited in their networks and checks must be put in place for clients and servers.

RFC 6176 points to the SLL 2.0 deficiencies which include:

• Use of MD5 message authentication
• Lack of protection for handshake messages
• Same key used for message authentication and encryption
•  Sessions can be terminated easily and it is hard to determine if it was a legitimate end of session or not

Elliptic Technologies has announced the immediate availability of its HDCP 2.0 (High-bandwidth Digital Content Protection) Software Development Kit. HDCP 2.0 is a key security technology that addresses all content protection needs for high-valued digital content. The specification has been endorsed by Sony, Panasonic, Intel and high-definition content owners Universal Pictures, Warner Bros. Entertainment and others.

Elliptic is one of the first suppliers of a comprehensive HDCP 2.0 content protection solution, which has already been delivered to lead customers. The HDCP 2.0 Software Development Kit (SDK) is a fully portable architecture that can be used on all popular platforms and Operating Systems, including Android based devices.

“The exploding market for high-definition entertainment has sharpened the need to protect high-value content with more robust protection schemes. Elliptic Technologies is a trusted supplier of embedded security solutions and has the best-in-class content protection IP.” said Vijay Dube, President and CEO of Elliptic Technologies. “Working closely with lead customers and partners gave us the unique opportunity to optimize the HDCP 2.0 components to precisely match the requirements of a digital TV streaming device.”

Digital media is being rapidly adopted as the primary consumer entertainment distribution medium. The technical demands of the digital home and the need to deliver and protect rich audio and video content have increased dramatically in recent years.

Elliptic Technologies today unveils a tiered family of Security Protocol Processors (SPP) that represents the broadest portfolio of embedded security solutions for packet processing and general cryptographic operations for all major security protocols (SSL/TLS/DTLS, IPsec, 3GPP/LTE-Advanced, WiMax, MACsec, SRTP, storage and PKI).

 

Digital security has become a critical requirement in today’s online landscape of social, multimedia and business networks. People and businesses connect and interact with each other anytime and anywhere. New classes of always-connected embedded devices are emerging making these interactions even more complex. We live in a world where voice, data, sound and video are all carried over the Internet. Privacy and control of information is crucial and demand for even higher data rates and more robust security solutions continues to grow.

 

The SPP family offers a unique tiered approach with the broadest range of cost- and power-efficient security solutions that can be configured to provide exactly the functionality and performance level a customer requires.

 

• SPP-SA (Symmetric/Asymmetric) Processing Engines: combine the diverse symmetric cryptographic offload capabilities with the asymmetric functions of a Public Key Accelerator (PKA) and the capabilities of a TRNG, creating a single very efficient, multi-purpose crypto offload resource for ASICs and SoCs.

• SPP-PDU (Protocol Data Unit) Processors: add packet processing support for specific high bandwidth security protocols, such as SSL/TLS/DTLS, IPsec, MACsec, 3GPP/LTE-A, WiMax, PKI or SRTP.

• SPP-MPDU (Multi-PDU) Processors: performance-optimized multi-protocol engines in support of a variety of security applications.

 

“Elliptic is delivering the industry’s largest family of reliable high-performance embedded security solutions which can be tailored to specific customers such as ASIC and SoC suppliers, embedded systems manufactures and network operators”, said Elliptic CTO Mike Borza. “The SPP product line builds on that commitment by focusing on the most important protocols used to secure data today.”

RSA, the Security Division of EMC, announced that SecureID two-factor authentication products may be at risk following a sophisticated cyber attack that has been recently identified.