Rambus has signed an agreement with Idaho Scientific to license its Differential Power Analysis (DPA) countermeasures. According to Dr. Martin Scott, general manager of Rambus’s Security Division, the DPA countermeasures will be used in Idaho Scientific’s FPGA and defense ASIC security IP Cores.
“Today’s leading aerospace and defense companies are looking for solutions to counter the increasing threat of side-channel attacks,” said Scott. “This licensing agreement will grant Idaho Scientific’s customers access to advanced DPA countermeasures – allowing them to safeguard the data integrity of applications requiring a high level of security, particularly those serving the aerospace and defense sectors.”
As Scott points out, broader and faster adoption of DPA countermeasures in the FPGA ecosystem will ensure that components are insulated from these types of vulnerabilities.
“Idaho Scientific has the ability to rapidly deliver solutions based on our DPA countermeasures that will bring significant benefits to the industries they serve, where safety and security are a top priority,” he added.
Dale Reese, president of Idaho Scientific, expressed similar sentiments.
“By incorporating Rambus’ technology into our IP cores, we provide our customers access to premier solutions that are immune to DPA attacks,” said Dale Reese, president of Idaho Scientific. “The Rambus DPA countermeasures enhance the efficiencies of our FPGA and ASIC encryption cores, which are especially critical to our aerospace and defense customers.”
DPA countermeasures, developed by Rambus Cryptography Research, consist of a broad range of software, hardware, and protocol techniques that protect devices from side-channel attacks. DPA is a type of side-channel attack that monitors variations in the electrical power consumption or electro-magnetic emissions from a target device. These measurements can then be used to obtain cryptographic keys and other sensitive information from semiconductors.
According to Rambus Security Fellow Pankaj Rohatgi, the industry is quite concerned over the potential extraction of keys or the reverse engineering of sensitive military algorithms using both Simple Power Analysis (SPA) and DPA.
“These attacks involve measuring and analyzing the power consumed by a device while it is performing its normal operations with secret keys and algorithms. Such passive, noninvasive attacks cannot be detected or audited by the device,” he told Military Embedded Systems. “Portable electronics, communications gear and ‘leave-behind’ equipment are the most vulnerable: They are easiest for an enemy to acquire and access. After conducting the attack, the enemy could eavesdrop on military communications and forge command-and-control messages. In a military setting, the enemy [is] much stealthier and successful attacks might not get discovered until it is too late.”
Specific countermeasures, says Rohatgi, include leakage reduction, noise introduction method, obfuscation and the incorporation of randomness. It should be noted that Rambus has licensed a range of DPA countermeasures to a number of prominent corporations such as Boeing, NAGRA, The Athena Group and Winbond.