JOSEKI (cipher)
The JOSEKI algorithm is actually a pair of related algorithms for the encryption and decryption of secret algorithms stored in firmware. The bootstrap code uses a key stored in non-volatile memory to decrypt the operating system code stored encrypted in ROM. JOSEKI is unusual in that the encryption algorithm is not the same as, and cannot be deduced from, the decryption algorithm.

The concern is that if the physical device is compromised, the firmware cannot be erased and is subject to inspection and reverse-engineering. However, if the firmware is encrypted, and the decryption key has been erased after the device's start-up / initialization, the code is secure since it is no longer possible to decrypt it.

JOSEKI is an NSA Type 1 algorithm.