Rambus CircleGovernment

Securing Mission-critical Systems

Whether satellite, UAV, wearable, or other military equipment, today’s advanced military hardware contains highly-complex embedded microelectronic systems that include processing, data storage, and data receiving/transmitting capabilities. In-theater soldiers rely on these devices to successfully (and safely) complete their missions, and mission commanders require accurate, real-time information from these devices to command forces.

The increase in connected military devices has also lead to a dramatic rise in security threats. Through side-channel attacks, malicious parties can hack these devices and extract cryptographic keys, exposing sensitive information. Systems can be targeted through Distributed Denial of Service (DDOS) attacks, rendering entire groups of connected hardware ineffective and untrusted. At Rambus, we understand the importance of protecting sensitive information and assets. We address this by building products and services that secure systems, and provide better, faster access to data.

The Rising Need for Satellite Security

Beyond the traditional jamming and spoofing attacks, there is a growing and significant risk of a malicious attacker taking physical control of a satellite, decaying its orbit, exposing it to irreversible solar radiation damage, or maneuvering into other satellites in orbit. Satellites today contain highly complex embedded microelectronics systems, complete with processing, data storage, and data receiving/transmitting capabilities. Further, they are controlled by ground stations and computers in data centers. Because of this, they are susceptible to threats prevalent in cloud computing architectures, including insider threats, malicious downloads, etc.

Download white paper 
preventing side-channel attacks icons

Preventing Side-channel Attacks

Electronic devices that use cryptography are susceptible to side-channel attacks, including Simple Power Analysis (SPA) and Differential Power Analysis (DPA). Equipment captured by, or simply in close proximity to an adversary can potentially be hacked using low-cost, non-invasive methods that enable attackers to stealthily extract secret cryptographic keys used during secure device operations. Once the keys have been extracted, adversaries can easily gain unauthorized access to a device, decrypt or forge messages, steal identities, clone devices, create unauthorized signatures and perform additional unauthorized transactions.

securing systems before deployment icon

Securing Systems Before Deployment

In order to maintain in-theater security, military hardware should be examined prior to deployment for security flaws. ASICs, FGPAs, and all other semiconductors are all susceptible to side-channel attacks. In order to ensure that side-channel attacks will not be successful, a security analyst must have a method of testing the level of side-channel attack resistance by collecting power consumption or electromagnetic emission signals coming from a cryptographic device while it performs operations using secret keys. These collected signals can be examined using Simple Power and Electromagnetic Analysis (SPA/SEMA) or more powerful Differential Power and Electromagnetic Analysis (DPA/DEMA) to identify exposure of secret keys.

Introduction to Side-Channel Attacks

Side-channel attacks, including simple power analysis and differential power analysis, conducted against electronic gear are relatively simple and inexpensive to execute. An attacker does not need to know specific implementation details of the cryptographic device to perform these attacks and extract keys. As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.

Download eBook
easy security implementation icon

Easy Security Implementation

The CryptoManager platform is comprised of a tightly-integrated security ecosystem that enables simple and rapid integration into new and existing systems. The Root of Trust can be embedded as a secure processing core alongside the main CPU to provide robust endpoint security, while the secure Infrastructure manages the provisioning and management of cryptographic keys at the time of manufacture and in the field from chip-to-cloud.

secure OTA communications icon

Secure OTA Communications

One of the major benefits of a connected military system is the ability to do in-field Over the Air (OTA) software and firmware updates regardless of where the system is located. This minimizes the need to pull equipment from the field and keeps vehicles and equipment in service longer. The CryptoManager platform provides a hardware root-of-trust embedded in the system, enabling military commands to verify that the OTA update is authentic. Additionally, the system utilizes personalized keys that are unique to each device to further ensure the integrity of the communication between the cloud and the hardware.