Author's Latest Posts


Securing IoT Devices With Lightweight Cryptography


The National Institute of Standards and Technology (NIST) recently announced the selection of a new family of cryptographic algorithms called ASCON, which have been developed for lightweight cryptography applications. In this blog, we will explore what lightweight cryptography is and why it is worth considering for specific Internet of Things (IoT) use cases. In summary, lightweight cryptogr... » read more

Leveraging The Benefits Of A FIPS 140 CMVP Certified Root Of Trust IP


Expectations that security IP designs meet the highest security standards are growing rapidly. As companies face increased product development costs and time pressure, choosing an IP that has been certified demonstrates not just compliance with a standard, but offers a valuable tool to reducing overall project risk. The Federal Information Processing Standard (FIPS) 140 is published by NIST,... » read more

Architecting Hardware Protection For Data At Rest, In Motion, And In Use


Planning the security architecture for any device begins with the security threat model. The threat model describes the types of attacks that the device or application may face and needs to be protected against. It is based on what attackers can do, what level of control they have over the product (i.e., remote, or direct access), and how much money and effort they are willing and able to spend... » read more

Setting The Standard For Automotive Security


Vehicle systems and the semiconductors used within them are some of the most complex electronics seen today. In the past, electronics going into vehicle systems implemented flat architectures with isolated functions controlling various components of the power train and vehicle dynamics. These electronic systems communicated primarily through legacy bus interconnect protocols, like controller ar... » read more

DPA Countermeasures Done Right


In the late nineties, Paul Kocher, Josh Jaffe, and Ben Jun published a paper that caused many across industry sectors to reconsider what cryptographic implementations should look like. They described an exploit wherein an adversary could extract secrets from a device by analyzing the power consumption or electromagnetic emittance from the device when it was executing cryptographic operations. S... » read more

Building A Defense In Depth Against Cyberattacks


As the number and type of cyberattacks, from the “simple and cheap” to the “expensive and sophisticated,” continues to grow at a dramatic pace, protection of chips and devices must employ a defense in depth strategy. In this way, if an attacker successfully bypasses a mechanism of protection, they’ll face another layer of defense, rather than a clear path to the assets they seek to ex... » read more

Security Starts With A Threat Assessment


Developing the security architecture for an electronic device begins with building a threat model wherein we ask these questions: What is the operational environment in which the device needs to function? What type of attacks can be identified? What level of access does a potential attacker have to the device? What possible attack paths can an attacker exploit? What resources (... » read more

Architecting Hardware Protection For Data At Rest And In Motion


Planning the security architecture for any device begins with the threat model. The threat model describes the types of attacks that the device or application may face and needs to be protected against. It is based on what attackers can do, what level of control they have over the product (i.e., remote or direct access), and how much effort and money they are willing and able to spend on an att... » read more

Implementing Secure Boot With A Root Of Trust


A boot sequence describes the initial set of operations performed by a device at the start of the boot process. During this stage, available resources reside in some form of local, nonvolatile storage that is readily accessible by the device. The entity initiating the startup sequence is known as a boot loader (or bootstrap loader). The boot loader enables forward progression throughout the ... » read more

Navigating The Seas Of FIPS 140-2 CMVP With Certified Root Of Trust And TRNG IP


No captain worth his salt would set sail without an experienced navigator at his side. Likewise, when navigating the FIPS 140-2 CMVP process, it’s extremely valuable to have a partner that has already successfully made the journey. More specifically, working with a partner that offers CMVP-certified IP can streamline the process and increase the success of achieving CMVP certification of chip... » read more

← Older posts Newer posts →