Secure-IC provide Chip Security Protection IP Cores: Cryptographic algorithm IP such as AES, DES, 3-DES, ECC, RSA, SM2, SM3, SM4, SHA1, SHA2, SHA3, HMAC, countermeasure IP such as TRNG, CTR-DRBG RNG, Digital Sensor, Active Shield, PUF, Smart Monitor, Scrambled Bus, Memory Ciphering, Cyber CPU, Secure Clock, Secure Book, Secure Monitor, Secure JTAG, etc.
Anti Synchronization to prevent efficient SCA and FIA, Digital
Anti Synchronization to prevent efficient SCA and FIA, Digital
1. PROBLEM SOLVED
Side-channel attacks (SCA), in particular single power analysis (SPA), differential power analysis (DPA), and even electromagnetic analysis (EMA) are simple non-intrusive ways (in terms of human, material and financial resources) to extract keys and compromise the security of tamper-resistant system. They are mainly based on the analysis of a time-resolved physical quantity and can be easily automated without the need to know the system’s architecture. These attacks were time-consuming (400 traces in 22 hours [1], with 1000 to 10000 traces for a DES [2]) but are strongly accelerated with some modern lab equipment.
Fault injection attacks (FIA) are intrusive attacks that can be led by tampering with a circuit's nominal behavior. Generally, these attacks must be injected at strategic and precise moments to be effective. If the attacks need a high technology equipment, they only require few operations to break security means. Examples are PIN code verification skipping or security status forcing to a desired value, or even attacks on cryptographic IP cores [3] where a timely disturbance injected with the computation of an AES can suffice to recover its key.
The Secure Clock IP core is a PRNG-based hardware implementation of a random clock jitter injection and/or a random clock cycle inhibition. It is intended to clock feed all desired hardware, creating a secure clock domain within the System on Chip host.
Each edge of the Secure Clock output is randomly delayed and/or randomly inhibited in order to make the experimental setup far more complex for the attacker. It significantly increases the needed acquisition traces used by side-channel analysis, and it fuzzes the relevant fault injection moment used by fault injection attacks.
[1] R. Junee, “Power analysis attacks: a weakness in cryptographic smart cards and microprocessors," Ph.D. dissertation, University of Sydney, 2002.
[2] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis," in Advances in Cryptology - CRYPTO'99. Springer, 1999, pp. 388/397.
[3] M. Joye and M. Tunstall, Fault Analysis in Cryptography. Springer, 2012.
2. GLOBAL OVERVIEW
• Completely digital (based on FPGA fabric resources or standard cell Design-Kit)
• Easily transferable to any design kit
• three modes are available:
• fine mode: insert a random jitter
• coarse mode: inhibit clock cycles randomly
• mixed mode
• SCA resilient PRNG
Secure-IC provide various security IP cores as following list (keep updating).
| AES | Encryption, against Side-Channel Attacks |
| DES / 3-DES | Encryption, against Side-Channel Attacks |
| RSA | Encryption, against Side-Channel Attacks |
| ECC | Encryption, against Side-Channel Attacks |
| HASH (SHA-1/MD-5) | Encryption, against Side-Channel Attacks |
| SM2 | Encryption, against Side-Channel Attacks |
| SM3 | Encryption, against Side-Channel Attacks |
| SM4 | Encryption, against Side-Channel Attacks |
| TRNG | True Random Number Generator,Digital,against Harmonic EM Attacks |
| PUF | Digital, Anti Cloning/Counterfeiting,100% Unique, Random and Steady ID Generation |
| Digital Sensor | Anti Fault Injection Attacks, All-in-one Fault Injection Detector, Entirely Digital |
| Active Shield | Active Protection against Intrusive Attacks on ASIC, Anti Intrusive Hardware Modification. |
| Scrambled BUS | Encrypted Information to Prevent Probing on BUS, Anti Eavesdroping |
| Memory Ciphering | Memory Protection Against Reverse Engineering and Tampering |
| Secure Clock | Anti Synchronization to prevent efficient SCA and FIA |
| Secure JTAG | Authentication System to Secure the debugging channel on chip, Anti JTAG Violation |
| Secure Boot | Maximum security-enabling root-on-trust, Anti Firmware Tampering |
| Secure Monitor | Maximum security-enabling monitoring, Security policy bypass |
| CyberCPU CPU | CPU-agnostic Cyber Attack Sensor |
Current Products:Security IP: Secure Clock
Back
