The HMAC-SHA2-DPA-FIA IP core belongs to the FortiMac product family. Like all the FortiMac product family members, this IP provides ultra-strong protection against SCA and FIA using a very low number of standard digital gates.
The underlying protection is purely algorithmic and implementation-agnostic. Resistance to attacks was validated analytically and on a physical device. The protection is based on the Threshold Implementation (TI) approach, the security of which has been proven.
Advanced DPA- and FIA-resistant FortiMac HMAC SHA2 IP core
Overview
Key Features
- Configurable number of protected rounds
- Passes the rigorous Test Vector Leakage Assessment (TVLA) test at 1B traces
- Protected against fault injection attacks, including SIFA
- Optional embedded internal PRNG for random masking
- NIST FIPS 180-4 compliant
- Supports SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256 schemes
- Auxiliary key port hidden from software
- Configurable choice of interfaces
- Bare cryptographic core
- AMBA AXI or APB
- Optional input data FIFO
- External DMA support
- Fully synthesizable
Benefits
- Ultra-strong side-channel attack protection (at least 1B traces)
- Protected against fault injection attacks including SIFA
- Highest-level security verified both by FortifyIQ and by a third-party Common Criteria lab.
- A purely digital solution, agnostic to the specific implementation (ASIC/FPGA, etc.)
Applications
- IoT devices
- Communications
- Automotive
- Secure internet protocols (SSL/TLS, IPSec)
- Content protection (Set-Top Boxes, SoCs)
- Virtual Private Networks (VPN)
Deliverables
- Synthesizable Verilog RTL source code
- Documentation
- Testbench
- SDC constraints for synthesis
- Technical support and assistance
Technical Specifications
Availability
Now
Related IPs
- Advanced HMAC SHA2 DPA- and FIA-Resistant Software Library
- Multi Protocol IO Concentrator (RDC) IP Core for Safe and Secure Ethernet Network
- Advanced DPA- and FIA-resistant FortiCrypt AES SW library
- Advanced Encryption Standard (AES-128) core with AMBA AHB interface
- ColdFire V1 core with EMAC, Divider and Cryptograhic unit
- ColdFire V2 Core with single Fast Ethernet and AMBA peripherals connected in a subsytem