Secure-IC

As part of Secure-IC’s iSSP (integrated Security Service Platform), Secure-IC is able to provide integrated Secure Elements (iSE) that can act as trust anchors that protect the security assets of a device. An iSE – also referred as HSM or Security Subsystem or Root of Trust – is an IP block that can be embedded into every device to ensure security services such as key management, lifecycle management, Secure Boot & updates

Secure-IC’s Securyzr provides the core security services required to build a security architecture for a wide variety of devices and connected objects: mobile, payment device, smart card, ECU, Set-Top-Box, and HSM.

Key features

• Services:
  • Secure Boot
  • Secure Firmware update
  • Life-cycle management
  • Secure Key and certificate Management (storage, generation, revocation, provisioning)
  • Cryptographic service (encryption, decryption, Digital signature computation & verification, hash computation)
  • Secure Connectivity support (TLS, IPSec)
• Tunable embedded cryptography (AES, RSA, ECC, Whirlpool, SM2, SM3, SM4, etc.)
• Certification-ready (FIPS-140-3, OSCCA, Common Criteria)
• Compliant with highest security level
• Tunability by market requirement (automotive, IoT, Smart Grid, STB, AI chip, etc.)
• Compliant with standardized API (PKCS #11)
• 32-bit RISC-V secure processor – Secure Software Isolation

Benefits

• Easy to integrate
  – Tunable solution
  – Fully digital
  – AMBA interface
  – Strong technical support (HW and SW)

Random number generation is a keystone in security.

Secure-IC offers both True Random Number Generator (TRNG) resilient to harmonic injection for statistically independent sets of bits generation and Deterministic Random Bit Generator (DRBG) for high bitrates requirements. These random generators are compliant with all required statistical tests suites.

Key features

• Fully Digital and based on standard cells
• Compliant with: AIS-31 (PTG.1 to PTG.3), NIST FIPS 140-3, NIST SP 800-90, GM/T 0005-2015
• Robust against process, temperature and voltage variations
• Post-silicon fine tuning to ensure high-level functional safety
• Fully hardware AIS-31 embedded tests: “Mono-bit”, “Poker”, “Run” and “Long run” tests
• Fully adaptable according to customer’s needs in terms of throughput, frequency and area
• Easy to integrate
• Compliant with any FPGA and ASIC technology

Benefits

• Tunable solution
• Fully digital
• AMBA interface
• Strong technical support

The storage of a key in a non-volatile memory represents a risk to retrieve the key and a deterministic generation makes the key vulnerable to attacks based on observation.

PUF Security IP is a secret key generation system based on Physically Unclonable Functions. The secret key is extracted by the PUF from the silicon by using its unique intrinsic properties caused by tiny manufacturing discrepancies: technological dispersions are amplified into digital signals (bits of information). The key generated is not readable but extracted using a group of helper-data. This distinctive feature allows a real protection against the reverse-engineering techniques compared to traditional methods that store the key in non-volatile memory.

Key features

• Proven reliability regarding voltage, temperature and aging with error probability much lower than 10-9.
  • Lifetime > 25 years
  • Temperature range: -40°C to 125°C
• Fully Digital and based on standard cells
• Transferable to any Design Kit
• Delivered as soft IP
• Flexible reliability and time to answer
• Free RAM PUF
• Small amount of helper data
• Protected against side-channel observation during key extraction using randomization
• AMBA interface
• Easy to integrate

Benefits

Master Key generation for example for to ensure firmware’s confidentiality

Addressed Threats

• Firmware tampering
• Invasive probing
• Side-channel analysis
• Fault injection analysis
• Invasive hardware modifications (FIB)
• Used for root of trust establishment

SW implementation of cryptographic engines.

Necessary algorithms for these applications and optional support or joint development:

• Secure Boot
• AES
• HMAC or RSA or ECC
• Full Disk Encryption
• AES-XTS
• AES
• HMAC

Countermeasures

• Protection against timing attacks, including cache attacks
• Protection against Row Hammer attacks

Optionally

• Protection against embedded system attacks
• Hardware TRNG, for key generation, IV generation

Key features

• Against attacks on software
• Certification ready

Cryptographic Library:

• AES Software Implementation
• RSA Software Implementation
• ECC Software Implementation
• Hash Software Implementation
• MAC Software Implementation

The Digital Sensor is designed to detect various threats belonging to the family of Fault Injection Attacks (FIA):

• Input clock frequency (clock glitches, Overclocking): reduction of the clock period to provoke a critical path violation.
• Input voltage (power glitches, underfeeding): reduction of supply voltage to increase the propagation delay of combinational logic.
• Temperature (heating): modification of the temperature to increase the propagation delay.
• Radiations (laser spot, light spot, Electromagnetic): provoke bit set or reset in registers by irradiation.

Digital Sensor converts all monitored stresses into a timing stress which is then measured. When a threat is detected, it provides the system with a measurement of the threat’s level and it raises the hardware alarm.

To instate a security module, as a security headquarter, handling all security events and statuses, Secure-IC developed Smart Monitor. It has the ability to centralize all information concerning the health of the device. In addition, it can be interfaced with customer’s sensors (analog or digital) to increase the sources of information and specific data.

Key features

• Detects global and local fault injections as laser, EMFI, clock or temperature
• Real-time hardware alarm
• Also provides a stress level status vector
• No calibration after design
• Fully Digital and based on standard cells
• Transferable to any Design Kit

Benefits (Digital Sensor)

• Easy to integrate
• Lightweight
• AMBA interface
• Strong technical support

Active Shield technology is designed to deter intrusive attacks by placing a mesh over the sensitive parts of the circuit and actively monitoring the mesh’s integrity. This counter-measure protects the circuit’s features such as metal routing and transistors that are beneath the mesh from undetected access or modification through the front-side, including:

• Wire micro-probing to read or force an equipotential with Focused Ion Beam
• Wire cutting (e.g. alarms, entropy source disconnection from a TRNG…)
• Wire re-routing
• Burnt fuses opening
• ROM Altering
• Scanning imaging attacks (PICA, LVP/LVI)

The mesh is actively monitored using random cryptographically-generated patterns to detect integrity violations. By using this technology, modifying and rerouting the mesh becomes very costly.

The data travelling through the shield mesh cannot be predicted by the attacker, because it is output by a cryptographic block cipher.

Key features

• Protection against cutting and probing
• Anti-tamper solution with a mesh placed over the sensitive parts of the circuit (analog/digital/memory) and actively monitored
• Uses randomly cryptographically-generated patterns to detect integrity violations
• Mesh can be interleaved with P/G network in topmost layers (no need to sacrifice a layer)
• Easy to integrate (STA, DRC, Antenna clean, JTAG)
• Lightweight
• No calibration after design
• Transferable to any Design Kit
• AMBA interface

Benefits

• No dedicated metal layer
• Compatible with existing power mesh
• Fully digital and deployable in any Design Kit
• Strong technical support

The Cyber Escort Unit is designed to fill the security gap between software cybersecurity and hardware by escorting step by step the program execution to achieve high execution performances in a secure way, allowing advantageously real-time detection of zero-day attacks. Unique on the market, this product builds the foundation for hardware-enabled cybersecurity.

It comprises technologies for detecting and deceiving cyberattacks. This technology acts on-the-fly. Precisely, CyberEU is a two-fold technology aiming to protect against four threats:

• Return oriented programming (ROP), Jump Oriented Programming (JOP): The attacker reuses chunk of code to assemble a malicious program as a patchwork.
• Stack Smashing, by exploiting a buffer over run or integer under-or-overflow etc.: the attacker crafts some fake stack frames in order to change the program context.
• Executable Code Modification, overwrite: the attacker manages to change the genuine program into a malicious program.
• Control Flow hijacking: the attacker manipulates the program so that it calls an illicit function, or it takes an illicit branch.

Key features

• Hardware protection on processor
• Compliant with all processor families
• Escort step by step the program execution
• Protection against Cyber-attack (ROP, JOP, Buffer overrun, etc.) and Fault Injection attack targeting the code execution
• Real-time detection of Zero Day attack
• Stops the attack before it is executed

Benefits

• Easy to integrate
• No processor modification
• Agnostic for the program
• Fully digital
• AMBA interface
• Strong technical support

The Hash Algorithm (SHA) family includes MD5, SHA-1, SHA-2, SHA-3, SM3, Whirlpool.

In 2012, the algorithm Keccak developed by a Western European team was selected as the winner of the NIST contest and became the new hash function standard known as SHA-3.

Whirlpool is a hash function which construction is based on a substantially modified Advanced Encryption Standard architecture. It takes a message of any length less than 2256 bits and returns a 512-bit message digest.

The SM3 hash algorithm is a cryptographic hash function designed by the Chinese Commercial Cryptography Administration Office (CCCAO) in order to propose new standard for digital signature generation. The SM3 algorithm is very close to the FIPS SHA-256 algorithm.

The HMAC hardware module allows performing NIST HMAC algorithms as standardized in the FIPS 198-1. The module is coupled with one of the standard hash algorithm, SHA-1, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512 or SM3 to produce a tag.

Key features (all mixed)

• Tunable performance (area and performance) – From low area to high-performance
• SCA Protected
• FIPS, GM/T 0004-2021, GB/T 32905-2016 compliant

Benefits

• Easy to integrate
• Tunable solution
• Fully digital
• AMBA interface
• Strong technical support

The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S National Institute of Standards and Technology (NIST) in 2001. It is included in the ISO/IEC 18033-3 standard.

AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting.

The Data Encryption Standard (DES) is defined in FIPS PUB 46-3 as a symmetric-key algorithm. The triple DES (TDES) is block cipher that applies the DES algorithm three times to each data block. The TDES is defined in ANS X9.52-1998, NIST SP 800-67 rev-1 and ISO/IEC 18033-3:2010.

TDES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting.

SM4 is a standardized block cipher used in the Chinese National Standards.

Key features

• AES supported key sizes: 128, 192 and 256 bits
• Multiple modes supported: ECB, CBC, CFB, OFB, CTR, CMAC, CCM, GMAC, GCM, XTS
• Supported operations: DES, 3DES (TDES112, TDES168)
• Compliant with NIST SP 800-38 / FIPS PUB 46-3, NIST SP800-67 / GM/T 0002-2012 and GBT.32907-2016
• Tunable performance (area and performance) – From low area to high-performance
• Secure-IC patented SCA countermeasures
• Additional cipher functions available: RC4, Kasumi, Chacha20, ARIA, etc.

Benefits

• Easy to integrate
• Tunable solution
• Fully digital
• AMBA interface
• Strong technical support

This PKC IP provides comprehensive ECC and/or RSA encryption / decryption / signature / verification functionalities with hardware acceleration for modular arithmetic operations.

The RSA IP is composed of two parts:

• The RSA Software library which is run on the host CPU. This CPU can be the main CPU or a dedicated CPU (can be provided by Secure-IC).
• The RSA Hardware accelerator and its dedicated RAM.

A benefit of using elliptic curve cryptography is a smaller key size than RSA-based system to provide the same level of security. For example, a 256-bit elliptic curve public key provides the same level of security than a 3072-bit RSA public key.

The ECC IP provides secure ECC primitives such as signature/verification with ECDSA and SM2, with hardware acceleration for modular arithmetic operations.

The ECC IP is composed of two parts:

• The ECC Software library which is run on the host CPU. This CPU can be the main CPU or a dedicated CPU (can be provided by Secure-IC).
• The ECC Hardware accelerator and its dedicated RAM.

Key features

• RSA up to 4096-bit key length
• ECC up to 521-bit key length
• Multiples primitives and protocols supported: ECDH, ECDHE, ECDSA, EdDSA, DH, SM2, etc.
• Tunable solution (area and performance) – From low area to high performance
• Tunable CPU offload (up to 100%)
• Secure-IC patented SCA countermeasures

Benefits

• Hardware segregation with a mailbox
• Easy to integrate
• Tunable solution
• Fully digital
• AMBA interface
• Strong technical support

Memory protection IP protects the memory content against reverse engineering and tampering.

• Compliant with any kind of memory: DDR, ROM, OTP, Flash, etc.
• Protecting raw memory content from malevolent access
• Available with zero latency or high frequency
• Light implementation
• Fault injection detection available as an option

Key features

• Encryption/decryption of the memory content
• Optional integrity of the memory content
• Optional address scrambling
• Encryption/decryption based on AES or Lightweight cryptography
• Low latency
• Tunable performances (throughput, area, latency)

Benefits

• Easy to integrate
• Tunable solution
• Fully digital
• AMBA interface
• Strong technical support