Cryptographic technologies are now widely available and “easy to incorporate” into many products and systems. However, unless an application's needs are fully met by SSL, SSH or a secured VPN, there are many other system-level considerations. Even in these “simple” systems, keys must be produced and distributed securely, either in the factory or in the field.
VOCAL has significant experience in the development and implementation of such cryptographic systems. This ranges from the implementation of Secure RTP (SRTP) and Secure SIP to protection of factory production and to field-hardened ad-hoc networked personal radios. Design considerations include random number generator quality, key generation and protection, replay avoidance, and avoidance of key and/or PN space re-use. Our software is optimized for DSPs and conventional processors from TI, ADI, ARM, AMD, Intel and other leading vendors. Contact us to discuss your application requirements.
Example 1 – Protection of factory production
When any outside manufacturer is engaged, Asian or otherwise, the security of the product production needs to be understood and monitored. Companies do not want their successful music players being shipped out the front door to them, and out the back door to a waiting black market. Careful application of cryptographic technology can virtually eliminate all such potential with minimal disruption (if any) to the factory assembly/test process.
Example 2 – Unique customer identification
For certain products and services, unique customer identification is required. The system design must prevent the reuse of the same customer identification by more than one device. While this may be fundamentally solved by the use of a unique processor die ID, this may not be adequate on its own. Often, feature sets must also be locked to the purchased hardware device.
Example 3 – Secure multipoint ad-hoc networks
Unlike the well-known and well-studied 802.11 security models, ad-hoc networks functioning as a secured VPN pose implementation difficulties. The primary difficulty is the use of common session keys so that all devices may communicate securely. New session keys must be deployed periodically. Further, each device must never re-use the security space of another, yet all devices must always be able to decode each other. Such re-use must be avoided because it can expose the session key and/or its counter block pattern.
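One way to meet the no-re-use constraint above when every device shares one session key, shown as an added example (not VOCAL's code): each sender builds its counter blocks from its own device ID plus a local counter, a receiver rejects replays per sender, and an exhausted counter forces a rekey. The 16-byte layout, field widths and class names are assumptions made for illustration.

```python
import struct

# Assumed 16-byte counter block layout (illustrative, not from the page):
#   key epoch (2 bytes) | device ID (2) | per-device counter (8) | block index (4)
LAYOUT = ">HHQI"
CTR_MAX = 2**64 - 1

class CounterSpaceExhausted(Exception):
    """This device has used its whole counter range for the current epoch."""

class Sender:
    def __init__(self, device_id, epoch):
        self.device_id, self.epoch, self.next_ctr = device_id, epoch, 0

    def next_counter_block(self):
        # Refuse to wrap: wrapping would repeat a counter block under the same key.
        if self.next_ctr > CTR_MAX:
            raise CounterSpaceExhausted("new session key required")
        block = struct.pack(LAYOUT, self.epoch, self.device_id, self.next_ctr, 0)
        self.next_ctr += 1
        return block

    def rekey(self, new_epoch):
        # A new session key starts a new epoch; the epoch must never go backwards.
        if new_epoch <= self.epoch:
            raise ValueError("epoch must increase on rekey")
        self.epoch, self.next_ctr = new_epoch, 0

class Receiver:
    """Replay check: remembers the highest counter seen per (epoch, device).
    Simplification: strictly increasing only, so reordered packets are dropped."""
    def __init__(self):
        self.highest = {}

    def accept(self, block):
        epoch, device_id, ctr, _ = struct.unpack(LAYOUT, block)
        if ctr <= self.highest.get((epoch, device_id), -1):
            return False  # replayed or stale counter block
        self.highest[(epoch, device_id)] = ctr
        return True

def spaces_disjoint(senders, n):
    """True if n blocks from each sender contain no repeated counter block."""
    blocks = [s.next_counter_block() for s in senders for _ in range(n)]
    return len(blocks) == len(set(blocks))
```

Because the device ID is part of every counter block, two devices can only collide if they are provisioned with the same ID, which ties this scheme to the unique-identification requirement in Example 2.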
Due to the nature of this work, we will only engage with bona fide American companies with established public business practices. We can recommend cryptographic technologies for export purposes, but it is always our customer’s responsibility to ensure they satisfy all US government regulations.