Skip to main content
emSecure Product Icon SEGGER (Blue)

emSecure — Create and verify digital signatures

emSecure is a software solution for embedded systems from SEGGER and the best way to protect vital products and assets. emSecure’s secure authentication can be used to protect products at no per-unit cost against hacking and cloning.

Overview

The emSecure software package from SEGGER is a digital signature suite that allows the creation and verification of digital assets. One important feature is that emSecure can make it impossible to create a clone  by simply copying hardware and firmware of an embedded device. That is of course just the beginning: it also secures firmware updates to embedded devices and authenticates licenses, serial numbers and other sensitive data.

 

Introduction to emSecure

100% protection against hacking

emSecure offers 100% protection against hacking. This is a must-have feature. Devices like election machines, financial applications and sensors all need the absolute maximum in protection against hackers. A compromised device is a dangerous device: Compromised devices can damage a manufacturer’s reputation and even lead to severe legal disputes.

Ignoring the potential danger of hacking is irresponsible. Based on asymmetric encryption algorithms with two keys, emSecure ensures protection against hacking: signatures cannot be forged by the reverse engineering of the firmware.

 

Key features

  • Asymmetric algorithms: Dual keys (private & public) ensure 100% security
  • Hardware-independent: Works on any CPU with no extra hardware needed
  • Applicable for new & existing products
  • Complete package: Key generator & tools included
  • Full source code available
  • Protect personal files with free 'Sign & Verify'

Public & private keys — How emSecure secures products

emSecure uses a secure private key to generate a digital signature. A second, public key is used to authenticate data by that signature. It is not possible to get a private key from the public key. Generating a valid signature without the private key is also impossible.

The source code of emSecure was created from scratch for embedded systems to achieve highest portability with a small memory footprint and high performance.  Its use isn’t restricted to embedded systems. With its easy usage, it takes less than a day to add and integrate emSecure to an existing product.

emSecure is the complete package: this includes ready-to-run tools and functionality for generating keys and signatures for your embedded solution.

Powerful, yet simple, API

emSecure has a simple yet powerful API. It can be easily integrated into an existing application within a day. emSecure incorporates proven security algorithms as proposed by NIST. The algorithms are proven to be cryptographically strong and can provide maximum security to your applications.

emSecure is licensed in the same way as other SEGGER middleware products and software libraries. It is not covered by an open-source or required-attribution license. It can be integrated in any commercial or proprietary product without the obligation to disclose the combined source. It can be used royalty-free in your product.

Created for resource-constrained microcontroller-based systems

emSecure has been created from scratch to achieve highest portability and performance, with a very small memory footprint. Product developers can therefore profit from the security of digital signatures in embedded applications. Even on small, single-chip microcontrollers, there is no need for additional hardware such as external security devices or external memory.

Complete package

Offering a complete package, emSecure includes:

  • Ready-to-run tools to generate keys and signatures, to sign and verify data and to convert the keys and signatures into compilable formats.
  • All required source code to integrate signature generation directly into your production process and data verification into your application or firmware.

emSecure example project

emSecure has a sample application project that demonstrates the verification of a signed message. It is available for evaluation upon request, so please do not hesitate to contact us.

The example project is a SEGGER Embedded Studio solution. It can be run in the SEGGER Embedded Studio Simulator as well as on real Cortex-M3 / Cortex-M4 hardware.

emSecure DebugTerminal

The application itself is simple. The example includes a Message.txt which can be signed with emSign and the included sample keys. Message and signature are converted to compilable buffers which can be included in the application. The application runs the verification on the message with the signature. This will only pass when neither the message nor the signature are modified. The message can be changed, signed and converted with the included tools.

void main(void) {
  int Status;

  [...]
  printf("Verifying message...");
  Status = SECURE_Verify(&PublicKey, 0, 0, message_file,   sizeof(message_file), _S, sizeof(_S));
  if (Status > 0) {
    printf(" OK\nTry modifying the message to see what happens.\n");
  } else {
    printf("FAILED! The signature does not match the message.\n");
  }
  [...]
}

emSecure version comparison

emSecure is available in different versions which use various signature algorithms. Each signature algorithm has different characteristics. emSecure products can provide security for any requirement of size or speed. The table below lists some benefits of the different emSecure versions. For a complete overview and performance values, please refer to the subpage of the product.

emSecure versionPro
emSecure-RSA 
  • Proven over decades
  • Fast signature verification
  • Low ROM requirements
 
emSecure-ECDSA 
  • Modern algorithm
  • Smaller key sizes for same level of security
  • Fast signature generation
  • Low RAM usage
 

The Sign & Verify drag-and-drop application

The Sign & Verify Application enables the easy drag-and-drop creation of emSecure digital signatures and the verification of signed files. It is also free for personal use: for example, making sure the files stored on a server are not changed or to allow communication partners to send/receive files knowing that nothing has been changed during transmission.

Want to know more? Find out more about emSecure Sign & Verify here.

Additional measures to keep the system secure

There is no disputing the degree of security that emSecure offers: It is unbreakable because no one can generate a valid signature without knowledge of the private key.

With enough effort put into getting the bootloader or firmware image, disassembling it, analyzing it, and modifying the application to bypass the security measures, a hacker might be able to clone a product or use alternative firmware images, but even then this would only work until a firmware update is done.

There are additional ways to increase overall system security:

  • The private key must be kept private.
  • Private keys should best be generated on a dedicated machine that has no connection to a network and controlled access.
  • RSA private keys can be generated from a passphrase, which means the passphrase should not be too easy to guess.
  • The pass-phrase length is not limited.
  • The company name is not a good choice.
  • The passphrase must be kept private, too.
  • The private key might also be encrypted and is only decrypted while it is used in production.
  • The bootloader should be stored in a memory which can be protected against read- and write-access.
  • The firmware should be protected against external read-access.
  • The verification process can be done in multiple places in the application. A tool communicating with the product, like a PC application, might carry out additional checks.

Licensing

emSecure is available under various Embedded Software License models and delivered in source code packages. With a wide range of licensing options, emSecure can fulfill commercial requirements as well as technical requirements. All licenses are one-time payments. emSecure is royalty-free and not subscription-based. This makes the software a part of the equipment expenses, keeping the costs static.

* Applies to second seat/product and all additional seats/products of the Single Product License and Single Developer License.

FAQ

Q:  I want to inhibit copying a whole firmware from one product hardware to another cloned one. How can I prevent it from running the cloned version with emSecure?

A:  Nearly every modern MCU includes a unique ID which is different on every device. When the signature covers this UID it is only valid on one single device and cannot be run on a cloned or copied product. The firmware can verify the signature at boot-time.

Q:  I added a digital signature to my product. Where should I verify it?

A:  Signature verification can be done in-product or off-product. With in-product verification the firmware for example verifies the digital signature at boot-time and refuses to run when the signature cannot be verified. With off-product verification an external application, e.g. a PC application communicating with the device, reads the signature and data from the product in order to verify it.

Q:  I want my product to only run genuine firmware images. How can I achieve this with emSecure?

A:  To make sure a firmware image is genuine, the complete image can be signed with a digital signature. For instance while using a CRC for integrity checks, the signature is sent with the firmware data upon a firmware update. The application or bootloader programming the firmware onto the device, validates the firmware data with its signature. The signature can only be generated with the private key and should be provided by the developer through the firmware data.

Q:  I am providing additional licenses for my product which shall be locked to a specific user or computer. Can I generate license keys with emSecure?

A:  Yes. emSecure can generate unique license keys for any data, like a computer ID, a user name, e-mail address, or any other data.

Q:  My product is sending data to a computer application. Can I make sure the computer application is getting data only from my product with emSecure?

A:  Yes. In this case the product is used to sign the data and the computer application verifies it. To prevent the private key from being read from the product, it might be stored encrypted on the product or in the application and decrypted prior to signing the data.

Q:  Does emSecure support DSA?

A:  No, but signing and verification code are available from SEGGER. Please get in touch with us if you feel DSA signature verification is what you need.

Q:  My Question is not listed above. Where can I get more information?

A:  For more information feel free to contact us.