Contact Us

FortiMac Library Advanced HMAC SHA2 DPA- and FIA-Resistant Software Library

The FortiMac library belongs to the FortiMac product family. This software library provides ultra-strong protection against SCA, FIA, and cache attacks.

This is the only pure SW solution in the market.The underlying protection is purely algorithmic and implementation-agnostic. Resistance to attacks was validated analytically and on a physical device. The protection is based on the Threshold Implementation (TI) approach, the security of which has been proven.

 

Tech Specs
  • Part Number                       HMAC-SHA2-DPA-FIA SW library
  • Short description               Advanced DPA- and FIA-resistant FortiMac HMAC SHA2 SW library
  • Compliant standard           FIPS-180-4
  • Provider                               FortifyIQ, Inc.
  • Availability                           Now
Benefits
  • Countermeasures against power and electromagnetic analysis attacks by pure SW means
  • Can fix unprotected/vulnerable HW solutions already in the field
  • Excellent performance

Features

  • Ultra-strong side-channel protection
  • NIST FIPS 180-4 compliant
  • Supports SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256 hash functions
  • Supports HMAC based on any one of these hash functions
  • Portable to any CPU/MCU/MPU

Request Technical Details

Applications

  • IoT devices
  • Communications
  • Automotive
  • Secure internet protocols (SSL/TLS, IPSec)
  • Content protection (Set-Top Boxes, SoCs)
  • Virtual Private Networks (VPN)

Deliverables

  • The folder with the public header files of the library
  • The folder with the library with which to link
  • The pkg-config file with the library metadata for integration with build systems

Related Products

HMAC-SHA2-DPA-FIA IP Core

Advanced DPA- and FIA-Resistant FortiMac HMAC SHA2 IP Core 

Request Full Document
Fortify’s AES security evaluation by SGS

“Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”

” The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own.”

Request Technical Details