Patent license secured to boost DPA-resistant FPGAs

Currently the only major FPGA company to use the patented DPA countermeasures, Microsemi has implemented DPA-resistant secure programming and boot-up protocols in its SmartFusion2 SoC FPGAs and IGLOO2 FPGAs. Thecompany will now be able to extend the secure boot protection of these devices to other third-party MCUs, DSPs, GPUs and FPGAs used within the same system. The company will offer the secure boot protection as a reference design that runs on the standard cryptographically-enabled SmartFusion2 and IGLOO2 FPGAs.

DPA is an insidious and powerful technique hackers use to extract secrets, such as cryptographic keys, from an electronic device by externally monitoring the instantaneous power consumed by the device while it is operating on the secrets. CRI’s secure boot is a highly effective security measure that ensures a programmable device such as a MCU, DSP, GPU or FPGA is executing authentic code that has not been tampered with or altered. Microsemi is in a position to be able to offer the enhanced secure boot solution because the company also offers WhiteboxCRYPTO, a software product that allows the secure execution of standard cryptographic algorithms.

“It is more critical than ever to prevent persistent malware implants in boot and application code. Supervisory control and data acquisition (SCADA) systems, routers and data communications systems together control the world’s industrial and communications infrastructure where these threats can be catastrophic,” said Bruce Weyer, vice president of marketing and business operations, at Microsemi. “In addition, the U.S. government and defense contractors are looking to share the cost of defense systems through the expansion of foreign military sales. These DoD contractors are looking for ways to secure their advanced technology systems against reverse engineering and exploitation so they can be exported safely, and our secure boot solution is an important security layer in providing that protection.”

According to the Aberdeen group, by the year 2020 approximately 50 billion machines will be connected. Not only do these machines need to be secure, but they need to be secure in the sense of DPA resistance. Just because a machine or system says it meets the Advance Encryption Standard (AES), it does not necessarily mean it is secure. Microsemi’s DPA countermeasure solution increases system overall security by protecting the keys that are stored in the system against side channel attacks.

“By extending this license, Microsemi and its customers are helping to secure the massive number of processors and FPGAs used in critical industrial, communications, networking and defense applications, many of which are still vulnerable to the DPA attacks,” said Paul Kocher, chief scientist of the Rambus Cryptography Research division. “While the security issues surrounding side channel attacks have continued to gain notoriety, expanding this needed power analysis protection for the boot stage of FPGA devices and processors is an important step towards securing overall systems.”