Alternative algorithm for digital signature tool deters firmware hacks

October 14, 2015 // By Graham Prophet
With emSecure-ECDSA, Segger is adding a powerful option to its digital signature suite. The emSecure software package now offers two different schemes for the generation and verification of digital signatures – RSA and ECDSA. This widens options when using emSecure to protect against firmware hacking and hardware cloning.

emSecure is a software solution to authenticate digital assets. It can be used to secure products at no per-unit cost against hacking and cloning and has to date been offered with RSA signatures by default.

While RSA has proven robust for decades, ECDSA (Elliptic Curve Digital Signature Algorithm) is a relatively modern algorithm and a FIPS and IEEE standard since 2000.

Each digital signature variant has its own advantages. With the emSecure product family now offering two schemes for signature generation, the user has the choice which option better fits his requirements.

ECDSA provides the same level of security as RSA with shorter key lengths. A 256-bit ECDSA key is equivalent to a 2048-bit RSA key. Shorter keys not only save space - the underlying calculations of the algorithms may be completed faster. This especially applies to signature generation, which is about seven times faster compared to RSA and makes it possible to sign data even on small microprocessors very efficiently in time and energy expended.

emSecure-ECDSA has been created to fit a wide range of requirements in terms of size, speed, and level of security. It uses about 10 kByte of ROM and no static RAM. Signature verification can be done within 160 msec, with less than 2.5 kByte on the stack, measured on a Cortex-M and using the P-256 curve.

More information on emSecure-ECDSA can be found at: www.segger.com/emlib-emsecure-ecdsa.html