The JOSEKI algorithm is actually a pair of related algorithms for the encryption and decryption of secret algorithms stored in firmware. The bootstrap code uses a key stored in non-volatile memory to decrypt the operating system code stored encrypted in ROM. JOSEKI is unusual in that the encryption algorithm is not the same as, and cannot be deduced from, the decryption algorithm.

The concern is that if the physical device is compromised, the firmware cannot be erased and is subject to inspection and reverse-engineering. However, if the firmware is encrypted, and the decryption key has been erased after the device's start-up / initialization, the code is secure since it is no longer possible to decrypt it.

JOSEKI is an NSA Type 1 algorithm.

References Edit