Intro

The HMAC-SHA2-DPA-FIA IP core belongs to the FortiMac product family. Like all the FortiMac product family members, this IP provides ultra-strong protection against SCA and FIA using a very low number of standard digital gates.

The underlying protection is purely algorithmic and implementation-agnostic. Resistance to attacks was validated analytically and on a physical device. The protection is based on the Threshold Implementation (TI) approach, the security of which has been proven.

Deliverables
  • Synthesizable Verilog RTL source code
  • Documentation
  • Testbench
  • SDC constraints for synthesis
  • Technical support and assistance
Tech Specs
  • Part Number

HMAC-SHA2-DPA-FIA IP core

  • Short description

Advanced DPA- and FIA-resistant FortiMac HMAC SHA2 IP core

  • Compliant standard

FIPS-180-4

  • Provider

FortifyIQ, Inc.

  • Availability

2023, the second quarter

Applications
  • IoT devices
  • Communications
  • Automotive
  • Secure internet protocols (SSL/TLS, IPSec)
  • Content protection (Set-Top Boxes, SoCs)
  • Virtual Private Networks (VPN)

Request This Core

Features
  • Configurable number of protected rounds
  • Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
  • Protected against fault injection attacks, including SIFA
  • Optional embedded internal PRNG for random masking
  • NIST FIPS 180-4 compliant
  • Supports SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256 schemes
  • Auxiliary key port hidden from software
  • Configurable choice of interfaces
    • Bare cryptographic core
    • AMBA AXI or APB
  • Optional input data FIFO
  • External DMA support
  • Fully synthesizable
Benefits
  • Ultra-strong side-channel attack protection (at least 1B traces)
  • Protected against fault injection attacks, including SIFA
  • Highest-level security verified both by FortifyIQ and by a third-party Common Criteria lab.
  • A purely digital solution, agnostic to the specific implementation (ASIC/FPGA, etc.)

HMAC-SHA2-DPA-FIA IP Core – Advanced DPA- and FIA-Resistant FortiMac HMAC SHA2 IP Core

Fortify’s AES security evaluation by SGS

“Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”

” The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own.”

Request Technical Details