Designed for security chip vendors, product companies, testing labs, and government organizations, the DPA Workstation (DPAWS) 9 analysis platform is the world’s premier side-channel analysis solution that offers an out of the box solution for testing against FIPS 140-3 and ISO/IEC 17825 requirements. It includes all the hardware, software and training needed to evaluate and certify secure devices. DPA Workstation is available with Riscure fault injection (FI) products, offering complete fault injection functionality as well as differential fault analysis (DFA).
DPAWS 9 includes an integrated suite of hardware, and data visualization software, for testing and analyzing the vulnerabilities of cryptographic chips and systems to power and electromagnetic (EM) side-channel attacks. With an intuitive, easy-to-use interface, DPAWS 9 enables users to quickly and easily identify and address potential security flaws in systems and SoCs. Using DPAWS 9, an analyst can collect power consumption and EM signal emissions from a cryptographic device performing operations using secret keys.
Previously, side channel attack testing was a long, cumbersome exercise in custom-built command line code. It was normally only performed by highly-trained, experienced engineers. The DPAWS 9 systems offers a Windows-based, intuitive user interface that allows test and security engineers to perform this analysis quickly and efficiently. Collected signals are examined using simple power and electromagnetic analysis (SPA/SEMA) or more powerful differential power and electromagnetic analysis (DPA/DEMA) to identify exposure of secret keys. The DPAWS 9 system provides the ability to test against many of the side channel attacks specified in the FIPS 140-3 and ISO/IEC 17825 requirements.
Log-in to access the DPA Support portal.
Side-channel attacks conducted against electronic gear are relatively simple and inexpensive to execute. Such attacks include simple power analysis (SPA) and Differential Power Analysis (DPA). As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.
DPAWS 9 includes everything needed to collect, process and analyze algorithms and devices. Custom test fixtures are included for analysis of smart cards and FPGA algorithms. Additionally, DPAWS 9 provides the flexibility to interface to your own devices. Signal probes, filters, and a wideband amplifier are provided with the DPAWS 9 to shorten startup time. A carefully selected digital oscilloscope and PCI data acquisition card facilitate a wide variety of data collection. Collections and analyses can be scripted using native Python or MATLAB modules. Powerful visualization and analysis tools are included to facilitate rapid and complete testing of hypotheses. Users also receive an in-depth training course covering both theoretical and practical aspects of side-channel analysis.
Riscure Fault Injection offers a comprehensive set of features to perform FI testing on embedded devices. FI users can test whether a key can be extracted by inducing faults in a chip’s cryptographic operations, by bypassing a check such as an authentication or lifecycle state, or changing the program flow on a chip. Rambus partners with Riscure to provide the most comprehensive and integrated side-channel test capability available. Riscure FI is integrated with DPAWS 9 and can be purchased as an option.
Supports Complete DPA Workflow
Scripting modules for efficient development of collection and analysis scripts
Powerful data visualization software
Ease of Data Acquisition
Multiple Devices and Sensors
Side-channel attacks comprise a wide range of techniques including Differential Power Analysis, Simple Power Analysis, Simple Electromagnetic Analysis, Differential Electromagnetic Analysis, Correlation Power Analysis and Correlation Electromagnetic Analysis. An effective layer of side-channel countermeasures should therefore be implemented via hardware (DPA resistant cores), software (DPA resistant libraries) or both. After layered countermeasures have been implemented, systems should be carefully evaluated to confirm the cessation of sensitive side-channel leakage.
DPA Countermeasures are fundamental techniques for protecting against Differential Power Analysis (DPA) and related side-channel attacks. Consisting of a broad range of software, hardware, and protocol techniques, DPA Countermeasures include reducing leakage, introducing amplitude and temporal noise, balancing hardware and software, incorporating randomness, and implementing protocol level countermeasures.