Designed to deliver consistent, high-quality results for the certification of cryptographic modules, our Differential Power Analysis (DPA) Countermeasure Validation Program is a comprehensive and rigorous security testing procedure that uses independent accredited testing labs.
Side-channel attacks conducted against electronic gear are relatively simple and inexpensive to execute. Such attacks include simple power analysis (SPA) and Differential Power Analysis (DPA). As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.
Licensed vendors with products that have successfully passed the independent security tests in the DPA Countermeasure Validation Program are permitted to use the DPA Lock™ logo on compliant products, packaging, and marketing materials.
The DPA security logo gives customers assurance of two main benefits:
1. The device implements effective DPA countermeasures, the effectiveness of which have been tested and verified by a qualifying independent testing lab, and
2. The product has obtained the necessary patent license from Cryptography Research
Side-channel attacks comprise a wide range of techniques including Differential Power Analysis, Simple Power Analysis, Simple Electromagnetic Analysis, Differential Electromagnetic Analysis, Correlation Power Analysis and Correlation Electromagnetic Analysis. An effective layer of side-channel countermeasures should therefore be implemented via hardware (DPA resistant cores), software (DPA resistant libraries) or both. After layered countermeasures have been implemented, systems should be carefully evaluated to confirm the cessation of sensitive side-channel leakage.
DPA Countermeasures are fundamental techniques for protecting against Differential Power Analysis (DPA) and related side-channel attacks. Consisting of a broad range of software, hardware, and protocol techniques, DPA Countermeasures include reducing leakage, introducing amplitude and temporal noise, balancing hardware and software, incorporating randomness, and implementing protocol level countermeasures.