The security encryption module of GR551x System-on-Chips (SoCs) can encrypt user data and user application firmware in Flash memories, preventing the data and the application firmware from being stolen, and therefore protecting user products.
This chapter introduces the fundamentals on encryption and signing, to help users better understand the technologies applied by GR551x SoCs for encryption, decryption, and digital signatures.
- Symmetric-key encryption: also known as private-key encryption, in which only one key is involved to cipher (by the sender) and decipher (by the receiver) data
- Asymmetric-key encryption: also known as public-key cryptography. It involves a pair of keys: a public key and a private key, with each for encryption and decryption. If the public key is used to encrypt a message, the private key is used to decrypt the message.
- Message integrity: A message shall not be tampered with, which is normally checked with one-way hash tables.
- Message authentication code (MAC): an authentication mechanism which not only examines whether a message is tampered with, but also checks whether a message comes from an expected communication object
- Hybrid cryptosystem: It combines the efficiency of a symmetric-key cryptosystem with the convenience of a public-key cryptosystem. Symmetric-key cryptosystems boost the efficiency of encryption and decryption, and public-key cryptosystems help distribute keys.
A digital signature is a kind of cryptography that ensures message integrity and provides authentication and non-repudiation. The strings, which can only be generated by the message sender and cannot be fabricated by other parties, can be used as valid credentials for the authenticity of a sent message.