+1 613 254 5456
adjust font size Increase Font Size Reset Font Size Decrease Font Size

ESS-06: Certification Authority

A server based set of applications that provide a trusted, managed environment to generate, inject, transport, archive and revoke keys and certificates to ensure Design IP protection in the supply-chain. It can also be used to generate and manage credentials used in device-to-device identification and authentication protocols, content protection and other security applications.

ESS-06: Ellipsys-Certification Authority (CA) is part of the Ellipsys Trust Framework which is Elliptic’s platform security solution to help device manufactures and system providers protect their product from tampering, cloning, and other threats.

Device manufacturers are at great risk of losing revenue because of illegal product tampering, like product hacking, cloning and counterfeiting. To address such issues, Elliptic offers the Ellipsys-CA which is a server based set of applications that provide the ability to generate and manage credentials. Ellipsys-CA offers a trusted, managed environment to generate, inject, transport, archive and revoke keys and certificates.

Ellipsys-CA gives device manufactures more control over their outsourced manufacturing process. It also prevents device cloning and replacement by giving the device manufacturers the capability to control access to secret information and thus eliminating or reducing the threat of secret data leakage.

There are multiple variants of Certificate Authority (CA) schemes that Ellipsys-CA can support. Ellipsys-CA can work as a standalone solution, or in tandem with other Ellipsys Trust Framework companions, such as Ellipsys-Secure Boot (SB) and Ellipsys-Virtual Security Module (VSM).

 

Features

  • Protects against cloning and counterfeiting of Design IP
  • Protects high valued content (ie HD Video)
    • Authorized use
    • Access and rights controls
    • Revocation
  • Support for manufacturing processes for signed code loads
  • Offers split responsibility between manufacturers and OEMs
  • Can authorize multiple vendors for signing code through certificate management
  • Supports industry standard protocols and algorithms
  • Support for hardware acceleration for cryptographic operations and CPU offload
  • Highly configurable, flexible and reliable
  • Available under binary licenses, but source licenses are also available under request

 

Benefits

  • Complete solution
  • Highly configurable, flexible and reliable
  • NIST CAVP Certified
  • Optimized for size and performance
  • GPL-Free Code
  • Platform/OS agnostic
  • Significantly reduces development cycles
  • Optional support for hardware acceleration and offload for embedded processors

Applications

  • Anti-cloning and anti-counterfeiting
  • Key injection
  • DRM schemes (CPRM, HDCP)

Downloads

Featured Products

media ETS-020: tVault HDCP 2.2
A proven HDCP-based content protection solution that provides robust security inside Trusted Execution Environments (TEEs) and enforces the protection of sensitive information to ensure that it is stored, processed and accessed only by authorized applications.The solution integrates seamlessly within frameworks such as ARM TrustZone™, where the critical security components are embedded in a trusted and secure OS environment. The non-critical components are executed by the rich OS, such as Android.
tower CLP-630: Multi-Packet Manager Security Engine
A highly programmable and unique Security Protocol Accelerator specifically designed to efficiently process data for high capacity wireless and network applications. The engine is perfectly suited for applications that deal with multiple active connections and significant traffic load on different contexts, such as 4G LTE-Advanced wireless cellular base stations and femtocells.