FortifyIQ's trace analysis tool, TraceIQ, automatically extracts cryptographic keys from power traces of target devices. The keys correspond to a collection of test data consisting of pairs of plain-cipher texts. In addition, it highlights hardware design issues that cause information leakage. These issues can include:
TraceIQ can process actual traces from physical hardware or simulated traces from virtual models, such as when using TraceIQ with FortifyIQ's power consumption simulator, PowerIQ. Traces can be provided in the standard oscilloscope format (LeCroy) or in a format defined by the user with the help of simple syntax. Analysis of the results can be presented as a key value with a report on how it was extracted––both visually in a graph (illustrates leakages) and in a report.
TraceIQ carries out its analysis based on known attack strategies, including the classic Differential Power Analysis (DPA) attack, the split flow by Moradi attack, the template attack, as well a growing library of FortifyIQ proprietary attacks.