Certicom Launches Security Solution for Digital Rights Management (DRM)


Comprehensive Platform Achieves Robust DRM Implementations by Securing Device from Silicon up to the Application

MISSISSAUGA, ON, Dec. 6 / -- Certicom today announced Certicom Security for DRM, a comprehensive solution that implements digital rights management (DRM) agents as part of a trusted platform. To achieve DRM robustness, device manufacturers must ensure that only trusted applications have access to DRM resources, and that sensitive keying material is protected and inaccessible. Without this level of security, a DRM scheme could be thwarted by attacks on system resources from downloads of malicious code.

Certicom delivers DRM robustness for multimedia capable mobile phones, handheld devices, consumer electronic devices, and set-top boxes with a platform that includes the Certicom Security Architecture and Certicom KeyInject. Certicom Security Architecture secures device software and leverages hardware-based security in silicon. It includes a pre-integrated Open Mobile Alliance (OMA) DRM Agent from Beep Science and is extensible to other DRM schemes. Certicom KeyInject monitors and controls keying material during device manufacture.

Through a new partnership with Elliptic Semiconductor, Certicom also offers pre-integrated hardware intellectual property (IP) cores that enable chip designers to include hardware-based security for DRM in their own media co-processor designs. With these IP cores, processor designers can exploit the performance and security benefits derived from implementing cryptography and key management functions in hardware. For device manufacturers using off the shelf silicon, Certicom offers board support packages that leverage hardware security available in leading chipsets from Intel and Freescale Semiconductor.

"Certicom understands that the best defense against hackers is to protect the many levels of vulnerabilities throughout an entire system, using hardware wherever possible," said Al Hawtin, vice president of sales and marketing at Elliptic Semiconductor. "When you approach security from a system perspective, our partnership with Certicom is a natural one that offers many security and performance benefits to device manufacturers and multimedia chip developers."

"Certicom's approach to DRM eliminates vulnerabilities that aren't typically addressed by other DRM solutions," said Jim Alfred, director of product management at Certicom. "By protecting the silicon, software components and even the manufacturing environment, we enable vendors to meet DRM robustness rules and protect their investment and revenue."

Certicom Security for DRM includes the following modules:

Certicom Security Architecture

o Beep Science OMA DRM Agent and Server: fully compliant with the
DRM standard from the Open Mobile Alliance (OMA)

o Security Builder ETS: leverages hardware-based key storage,
management and cryptographic operations which contribute to robust
DRM solutions

o Security Builder Crypto: optimized software crypto provider for
cases where a hardware crypto provider is not available, or to
complement a hardware crypto provider when all required functions
are not available

o Security Builder BSP: interface to specific hardware components
including Elliptic Semiconductor IP cores and industry leading
chips, including those from Freescale and Intel

o Security Builder API: a common application programming interface
that maximizes portability and code re-use from one chip to
another

o Elliptic Semiconductor IP Cores: series of hardware cores that
allow designers to achieve performance and security benefits by
implementing the crypto required by DRM in hardware

Certicom Key Inject

o provides a mechanism to secure the keys and certificates during
the manufacturing process by controlling access to, and reporting
usage of, keying information

Certicom Security for DRM with the Elliptic Semiconductor IP Cores is available this quarter. For more information, visit http://certicom.com/drm.

About Certicom

Certicom protects the value of your content, software and devices with government-approved security. Adopted by the National Security Agency (NSA) for classified and sensitive but unclassified government communications, Elliptic Curve Cryptography (ECC) provides the most security per bit of any known public-key scheme. As the undisputed leader in ECC, Certicom security offerings are currently licensed to more than 300 customers including General Dynamics, Motorola, Oracle, Research In Motion and Unisys. Founded in 1985, Certicom's corporate offices are in Mississauga, ON, Canada with worldwide sales headquarters in Reston, VA and offices in the US, Canada and Europe. Visit www.certicom.com

Certicom, Certicom Security Architecture, Certicom Trust Infrastructure, Certicom CodeSign, Certicom KeyInject, Security Builder, Security Builder API, Security Builder BSP, Security Builder Crypto, Security Builder ETS, Security Builder GSE, Security Builder IPSec, Security Builder NSE, Security Builder PKI and Security Builder SSL are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders. Information subject to change.

Source: Certicom Corp.

CONTACT: Tim Cox, Zing Public Relations, (650) 369-7784, tim@zingpr.com; Brendan Ziolo, Certicom Corp., (613) 254-9267; bziolo@certicom.com

All Topics