Overview:
The Secure Boot IP is a turnkey solution that provides a secure boot facility for an SoC. It implements the post-quantum secure Leighton-Micali Signature (LMS) scheme as specified in NIST SP 800-208. The Secure Boot IP operates as either a master or a slave peripheral to an Application Processor, serving as a secure enclave that stores the signing keys' public counterparts securely, so that both the keys and the firmware authentication process retain their integrity.
Features:
Post-Quantum Secure LMS Signature: Uses a hash-based, post-quantum secure signature algorithm for enhanced security.
Firmware Updates: Supports up to 32 thousand firmware updates, with signatures typically smaller than 5 KB. LMS is a stateful scheme in which each signature consumes one one-time key, so this figure is the total signing budget of the key pair rather than a per-device limit.
SESIP Level 3 Pre-Certification: Pre-certified to SESIP Level 3 for added security assurance.
RTL Delivery: Delivered as RTL for ease of integration into SoC designs.
Proprietary IP: Based on proprietary IP with no third-party rights or royalties.
Operation:
As a master, the Secure Boot IP controls the boot process of the Application Processor, ensuring that it boots from and executes only validated, authenticated firmware. As a slave peripheral, the Secure Boot IP validates firmware on request from the Application Processor as part of its boot process, so the Application Processor does not need to manage keys itself and its boot flow is simplified.
Applications:
The Secure Boot IP is versatile and suitable for a wide range of applications, including but not limited to:
Wearables
Smart/Connected Devices
Metrology
Entertainment Applications
Networking Equipment
Consumer Appliances
Automotive
Industrial Control Systems
Security Systems
Any SoC application that requires executing authenticated firmware in a simple but secure manner.