Security in the context of a mobile phone means different things to different people. For the consumer it may simply be physical security and ensuring that a stolen phone can not be used; for the enterprise user security issues may have more to do with hiding the phones contents and communications with enterprise servers from prying eyes; while for the supplier of mobile media content security is about ensuring that only the device belonging to the person who has licensed the content can display or play it.

Addressing each of these needs uses security in different ways but they all have one common requirement. They need to be able to ensure that the phone is the phone it purports to be. The most common approach to answering this question is through the use of a cryptographic key. The reliability and trust worthiness of that key is dependant on how it is stored and how the encryption algorithms are implemented. There are two basic approaches: software or hardware. Software solutions can be vulnerable, as the data defining a phone’s security key can be copied or overwritten and the security software can be tampered with. To provide the highest level of trust a hardware solution, which locks the security keys and cryptographic algorithms, is required.

One company which is working within the Symbian ecosystem to provide the tools for implementing hardware based security is Discretix Inc. Based in the US with R&D in Israel Discretix was formed in 2000 when the founders' recognized that one of the barriers to next generation mobile services was reliable on-device security. The challenge faced by Discretix was to create suitable technology which could cope with the limited memory, processing power and battery life available on mobile devices as well as the constraints of a limited bill-of-materials.

The nature of security algorithms means that they are resource hungry and as such they are not well suited to use in a mobile environment. As a result a significant portion of Discretix’s intellectual property and numerous patents focus on how to make standard cryptographic hardware efficient. In fact mobile devices are not the most demanding environment Discretix has created hardware solutions for, CryptoFlash –designed to secure Flash memory cards – is even more power efficient.

In addition to this hardware efficiency Amit Shofar, Discretix’s Director of Business Development, sees another key differentiator that Discretix supplies more than simply the hardware solution. “We are not simply about delivering the hardware specifications for embedded cryptography and key storage,” says Amit. “We also provide a rich, ready to use software stack, which allows developers to easily integrate security into their applications.”

It is this software stack and open API which has allowed Discretix to partner with NDS to create an end-to-end OMA DRM 2.0 compliant system for the delivery of mobile media. NDS has traditionally supplied technology for the secure delivery of entertainment and information to television set-top boxes and other consumer electronics, such as cable and satellite TV.

For content providers the single biggest security threat created by delivering content to a mobile phone is the phone’s owner. Even the technically inept will undoubtedly master sufficient technical skills to be able to download and install software to crack protection placed on mobile content. The creation of cracking routines relies on the visibility of any security measure applied to the files, if the security data is in volatile memory and the decryption is in software then sooner or later a hacker will poke into the workings of the system and find a way to break or circumvent it.

The integration of Discretix’s CryptoCell technology with NDS’s mVideoGuard has leveraged NDS’s experience in secure delivery of television video to provide secure content delivery for a range of media types on mobile devices.

Secure end-to-end OMA 2.0 DRM solution.

The NDS co-operation is however reliant on CryptoCell technology being implemented in phone hardware and Amit indicated that in addition to Ericsson Mobile Platforms and Sony Ericsson other announcements about hardware implementations might not be too far away.

Discretix is also working with other Symbian OS Licensees, of which Sony Ericsson is the only one currently being named publicly, which in turn has lead to co-operative work with Symbian Limited. “We are working very closely with Symbian on the definition of APIs to link between Symbian OS and the crypto-cores in CryptoCell,” says Amit. “We believe Symbian sees security as strategic to the development of the next generation of Symbian OS, in fact it will be a key differentiator. There is already a security and cryptographic framework in V8.0 but this is only the first step. One of the important aspects of the new security framework will be the ability of the OS to rely on a strong root of trust, such as security hardware. We are working very closely to ensure support in Symbian OS for CryptoCell.” Amit believes one of the main reasons Discretix is working so closely with Symbian is because “we are the only vendor who has implement similar interfaces in real projects, as we have customers who already have Symbian OS based phones with CryptoCell in development.”

DRM solutions based on CryptoCell rely on a unique key associated with the device, which will probably be issues through Content Management License Administrator. This device based key is part of the OMA DRM 2.0 specification. However, CryptoCell can also work with several different device keys, such as the SIM key, for applications like Device Management, Over-The-Air (OTA) updates, mobile commerce and more. The CryptoCell APIs also incorporate features to enable the use of PIN codes, or similar individual identifies.

“We believe CryptoCell solves the security problem for mobile devices without sacrificing quality or performance,” says Amit. “We have achieved this through the combination of a hardware IP model and a software stack. The key is that we have kept that which needs to be fixed and defined in hardware and that which can be flexible, and change to suit specific applications, in software.”

Protecting rights in the digital world is the key enabler in encouraging content providers to embrace wireless digital communications as a medium for the distribution of their property. Hardware security solution like CryptoCell will provide content suppliers with a far higher degree of certainty that content is consumed the way they want it to be. Of more interest will be seeing how technologies like CryptoCell facilitate a more secure Symbian OS, and the opportunities that opens for both enterprise and consumer applications which overcome many of today’s concerns about mobile security.

More information on Discretix can be found on its web site, www.discretix.com.