FPGA cores feature cryptographic countermeasures

"DPA countermeasures are critical to any tamper-resistant system," said Paul Quintana, Director of Vertical Marketing, Defense, Security and Computing, Microsemi. "As threat vectors increase in sophistication, so must the security solutions. Microsemi customers are looking for the most robust and proven anti-tamper and information assurance capabilities for their products. Athena is now delivering its best-of-breed family of silicon-proven security products as soft IP for license on the industry's only DPA-resistant FPGAs certified by Rambus Cryptography Research, SmartFusion2 and IGLOO2."

Athena's robust, innovative DPA countermeasure solutions deliver resistance to side channel monitoring attacks across a broad range of standard cryptographic algorithms and performance levels used for embedded applications in markets including defence, communications and industrial. These silicon-proven cores have been recently enhanced to resist SCA/DPA attacks up to 1bn traces and can be optimised for size, speed and security level based on customer requirements. Furthermore, since select SmartFusion2 and IGLOO2 FPGAs are the only FPGAs already licensed for Rambus Cryptography Research's DPA patent portfolio, no additional license is required from Rambus Cryptography Research for use of the Athena IP cores with the licensed Microsemi FPGAs.

"Partnering with Microsemi, a leader in highly secure, low-power FPGAs, to offer SmartFusion2 and IGLOO2 customers the most robust countermeasures available, has been groundbreaking," said Stuart Audley, Director of Engineering, Athena. "To give Microsemi customers confidence that they are deploying IP with effective countermeasures, Athena has pushed the limits of test vector leakage assessment testing of our DPA solutions. We have demonstrated through measurements and statistical analysis that even after a billion traces, leakage is effectively minimised."

Microsemi's SmartFusion2 and IGLOO2 DPA-resistant FPGAs deliver design security and protection for the valuable IP embodied within users' programmable designs. While users choose SmartFusion2 and IGLOO2 for these capabilities, many users require additional cryptographic data security soft IP as part of their own programmable applications. Teaming with Athena enables users to employ sophisticated cryptographic microprocessor technology employing advanced DPA countermeasures as a soft IP, maintaining the highest levels of data security throughout the device/application operational cycle.

DPA and Differential ElectroMagnetic Analysis (DEMA) are types of SCA that involve monitoring variations in the electrical power consumption or electromagnetic emissions from a target device, respectively. DPA and DEMA attacks are non-invasive, easily automated and can be mounted without knowing the design of the target device. Unlike invasive tampering, electromagnetic attacks can even be performed at a distance.

As an example, electromagnetic attacks on cell phones have been demonstrated at a range of 30ft. DPA and DEMA countermeasures are essential to protect devices that use cryptographic keys, especially sensitive defense applications that require strong anti-tamper protection of advanced electronics and commercial devices that perform high-value processing, including mobile devices and IoT endpoints.

A U.S. Department of Commerce report found IP theft costs U.S. companies $200bn to $250bn annually, while the Organization for Economic Cooperation and Development estimates counterfeiting and piracy cost companies as much as $638bn per year. The SmartFusion2 and IGLOO2 FPGA's design security protocols protect confidentiality, integrity and authenticity of the customer's design IP throughout the life cycle of the FPGA, substantially reducing the risk of IP theft during manufacturing or from fielded systems. Complementing the FPGA's built-in features such as a hard true random bit generator, the Athena TeraFire IP allows users to build tamper-resistant systems using secure Microsemi FPGAs that further use the Athena soft IP and cryptographic techniques to prevent system-level counterfeiting, and to provide other information assurance services vital to the security of the user's system.

This integrated security solution of Microsemi FPGAs with the TeraFire DPA-resistant cryptographic cores, with its combination of advanced security and countermeasures, provides a safe, tamper-resistant environment for use of cryptographic keys. This is accomplished by limiting information leakage in both power consumption, protecting against DPA, simple power analysis and correlation power analysis and electromagnetic emissions, protecting against simple electromagnetic analysis and differential electromagnetic analysis.

Microsemi has been granted certification of all SmartFusion2 and IGLOO2 FPGAs for seven protocols and services used to implement design security in these devices under the DPA Countermeasure Validation Program developed by Rambus Cryptography Research Division after a thorough assessment by an accredited third-party security laboratory.