FortifyIQ’s AES-SW library delivers high-performance protection against side-channel (SCA) and fault injection attacks (FIA) through OTA deployment, enabling compliance with FIPS 140-3, Common Criteria AVA_VAN.5, and SESIP. It secures both new and already-deployed devices, including those without hardware countermeasures, and is proven in millions of systems.
AES-SW achieves outstanding performance even on low-end processors, 100 Mbps on a 1.2 GHz ARM and 900 Mbps on a 3.4 GHz laptop, while supporting all AES chaining modes. The library integrates STORM, FortifyIQ’s advanced protection scheme, to block DPA, SIFA, cache, and other advanced attacks.
Portable and processor-agnostic, AES-SW provides consistent, high-assurance security across MPUs and MCUs. Validation includes no TVLA leakage in 100K noiseless traces and proven resistance at Common Criteria AVA_VAN.5 and FIPS 140-3 Levels 3–4.
A command-line interface is included for rapid encryption and decryption tasks.
FortifyIQ | Competitors | |
High Security | ![]() | ![]() |
High Performance | ![]() | ![]() |
* We compare only against solutions with uncompromised security
Deliverables
- The folder with the public header files of the library
- The folder with the library with which to link
- The folder with the command-line application (optional)
- The folder with the integration rules for the CMake build system
- Technical support and assistance
- Security documentation
Tech Specs
- Part Number
AES-DPA-FIA SW library
- Short description
Advanced DPA- and FIA-resistant SW library
- Compliant standard
FIPS-197
- Provider
FortifyIQ, Inc.
- Availability
Now
Benefits
- Can fix unprotected/vulnerable HW solutions already in the field
- Ultra-strong SCA and FIA protection, including SIFA
- Throughput up to 900 Mbps on a 3.4 GHz laptop CPU, up to 100 Mbps on a legacy 1.2 GHz mobile phone processor
Request Library Access
Features
- Ultra-strong side-channel and SIFA protection at high performance
- NIST FIPS-197 compliant
- AES-128/192/256 encryption and decryption
- Tunable protection level
- Supports all chaining modes: ECB, CBC, CFB, OFB, CTR, XTS, CCM
- Portable to any CPU/MCU/MPU
ApplicationsPerformance note: FortifyIQ software libraries provide robust security and full cryptographic functionality for many applications. However, systems with extreme performance or low-latency requirements may benefit from hardware-based protection.
- Legacy and cost-constrained devices without hardware security
- IoT and embedded devices with OTA updates
- Automotive systems and long-lifecycle ECUs
- Content protection (Set-Top Boxes, SoCs, UHD streaming)
- Government and critical infrastructure systems
- Medical devices and healthcare systems
- Secure internet protocols (SSL/TLS, IPsec, VPNs) for embedded devices, legacy systems, and moderate-throughput applications.