Security Icon

Security

DPA Resistant Cores

Rambus DPA Resistant Hardware Cores prevent against the leakage of secret cryptographic key material through attacks when integrated into an SoC. These superior performance cores are easy to integrate into SoCs and FPGAs, providing robust side-channel resistance across different security and performance levels. Many cores are validated to FIPS 140-2 CAVP.

How DPA Resistant Cores works

The DPA Resistant Hardware cores offer chipmakers an easy-to-integrate technology-independent soft-macro security solution with built-in side-channel resistance for cryptographic functions across a wide array of devices.

These high-performance cores provide a higher level of protection than standard security cores, while improving time-to-market, as all the cores are validated DPA countermeasures. It is highly flexible for integration with standard cipher modes such as Cipher Block Chaining (CBC), Counter (CTR) and Authenticated Encryption mode / Galois Counter (GCM) modes. The fast AES core performs AES encryption with DPA protection using only 2 clock cycles per AES round, outperforming any existing solution.

DPA Resistance Diagram

Additionally, the DPA Countermeasure hardware cores offer both encryption and decryption functions with key size options of 128- and 256-bits for AES and 4096 bits for RSA, with 8192 support when using a larger memory.

Our secure cores implement DPA countermeasures such as LMDPL (LUT-Masked Dual-rail with Pre-charge Logic) gate level masking and other schemes, delivering the highest level of security while meeting silicon area, performance and power budget targets. These countermeasures are portable to any FPGA or ASIC technologies.

The DPA-resistant family of cores are extensively validated using the Test Vector Leakage Assessment (TVLA) methodology, and reveal no leakage beyond 100 million traces. The core is protected against univariate first- and second-order side-channel attacks beyond 1 billion operations.

Solution Offerings

  1. Quicken time-to-market using precertified DPA Countermeasures
  2. Highly secure cryptographic engine primitives
  3. Extensive validation using the Test Vector Leakage Assessment (TVLA) methodology (revealing no leakage beyond 100 million traces)
  4. Cores protected against univariate first- and second-order side-channel attacks beyond 1 billion operations
  5. DPARC cores are available for AES (128/256), 3DES, SHA-2 (224/256 or 224/256/384/512), HMAC-SHA-2 (224/256 or 224/256/384/512), RSA, ECDSA, and ECDH
  6. Implements silicon proven and validated DPA countermeasures such as LMDPL (LUT-Masked Dual-rail with Pre-charge Logic) gate-level masking
  7. Simple control/status interface
  8. No routing constraints required
  9. Delivers highest level of security with side-channel resistance prioritized
  10. Also available as non-protected standard versions

Configurable DPA Resistant Core

  • Verilog RTL reference design

Synthesis Inputs

  • SDC constraint file suitable for FPGA or ASIC synthesis

Full Documentation

  • Usage guide

Functional Testbench

  • NIST-compliant test vectors

Development and Test Environment (optional)

  • DPA Workstation Platform
  • Implementation on reference FPGA board
  • Integrated testing framework
CoreCertification Number
AES-AE-16-DPAC734
AES-AE-4-DPAC733
AES-ECB-16-DPAC725
AES-ECB-32-DPAC726
AES-ECB-4-DPAC724
AES-FBC-16-DPAC730
AES-FBC-4-DPAC729
HMAC_SHA2_224_256_384_512_DPAC737
HMAC_SHA2_224_256_DPAC738
NIST Website
Introduction to Side-Channel Attacks eBook

Introduction to Side-Channel Attacks

Side-channel attacks conducted against electronic gear are relatively simple and inexpensive to execute. Such attacks include simple power analysis (SPA) and Differential Power Analysis (DPA). As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.

Download eBook

Inventions

Security Icon

DPA Countermeasures

DPA Countermeasures are fundamental techniques for protecting against Differential Power Analysis (DPA) and related side-channel attacks. Consisting of a broad range of software, hardware, and protocol techniques, DPA Countermeasures include reducing leakage, introducing amplitude and temporal noise, balancing hardware and software, incorporating randomness, and implementing protocol level countermeasures.

FREE Webinar: Understanding Fault Injection Attacks and Their Mitigation