As Nathaniel Mott of Tom’s Hardware reports, Rambus’ countermeasures will help protect NVIDIA’s GPUs from side-channel attacks that steal encryption keys by measuring the power consumption of a device.

“Attacks like this can be used to break into protected systems and undermine the common encryption protocols used to secure private data,” he writes. “As computers control more objects–be it through AI, self-driving vehicle technologies, or the rise of the Internet of Things (IoT)–these side-channel attacks could simultaneously grow in popularity and in their ability to wreak havoc on people’s lives.”

By licensing DPA countermeasures, says Mott, NVIDIA is making sure it’s prepared for all types of potential attacks.

“It’s not enough to encrypt information, prevent it from being posted to the internet, or even making sure a device is completely self-contained,” he explains. “If someone can conduct a side-channel attack, there’s a good chance they’ll be able to gain access to devices to use them for nefarious purposes… Increasingly connected lives create a growing number of attack vectors, which means Rambus and NVIDIA working together to block these attacks is likely to pay off sometime in the near future.”

As we’ve previously discussed on Rambus Press, DPA is a type of side-channel attack that involves monitoring variations in the electrical power consumption or EM emissions from a target device. These measurements can then be used to derive cryptographic keys and other sensitive information from silicon.

This is why Rambus’ Cryptography Research division has developed a comprehensive portfolio of application-specific hardware core and software library solutions that can be used to build DPA resistant products. It should be noted that Rambus has licensed its DPA countermeasures to a number of companies over the past year, including Boeing, Winbond, NAGRA and The Athena Group.

Interested in learning more? You can check out our DPA countermeasures product page here.

The agreement allows Athena customers to obtain, directly from Athena, advanced countermeasure solutions that rely on Rambus Cryptography Research patents to protect against side-channel attacks. By utilizing advanced countermeasures implementations, Athena customers can ensure the data integrity of products that run applications requiring a high level of security, particularly those serving the aerospace and defense sectors.

“Securing cores against DPA attacks is a top priority for us and for our customers,” said Monica Murphy, president and CEO of Athena. “This expanded agreement with Rambus enables us to accelerate the adoption of advanced countermeasure solutions designed to counteract that risk. By providing our customers with a license to use Rambus Cryptography Research inventions in connection with our extensive portfolio of cryptographic cores, we can streamline the use model and make it significantly easier for customers to adopt this critical technology.”

According to Paul Kocher, chief scientist of the Rambus Cryptography Research division, today’s leading manufacturers are looking for solutions to counter the increasing threat of side-channel attacks.

“Broader and faster adoption of DPA Countermeasures in the FPGA ecosystem will ensure that components are insulated from these types of vulnerabilities,” he added. “Athena’s increased ability to rapidly engage and deliver solutions based on our portfolio of DPA countermeasures patents will bring significant benefits to the industries they serve, where safety and security are paramount.”

As we’ve previously discussed on Rambus Press, DPA, or differential power analysis, is a type of side-channel attack that monitors variations in the electrical power consumption or EM emissions from a target device. These measurements can be used to obtain cryptographic keys and other sensitive information from semiconductors.

As such, the Rambus Cryptography Research division has designed a range of DPA countermeasures that offer a combination of software, hardware and protocol techniques specifically designed to protect tamper-resistant devices from side-channel attacks. These include leak reduction, incorporating randomness, generating amplitude and temporal noise, as well as executing protocol-level countermeasures.

Episode 5, “3xpl0its.wmv,” which aired on July 22nd, 2015, also featured proximity card cloning. As Blue describes:

“In a cafe, Mr. Robot clones a Steel Mountain employee badge using a device in his backpack. This may have been something from Bishop Fox, whose Francis Brown presented research on badge cloning at Def Con 21 (‘Live Free or RFID Hard,’ 2013). Still, there are a number of devices that do this, and a Proxmark 3 would be Mr. Robot’s most likely tool choice here.”

According to Swati Khandelwal of Hacker News, skilled RFID hackers have “repeatedly” used various side channel attack methods to steal information and secret cryptographic keys. Of course, devices such as smartphones, tablets and laptops also contain cryptographic keys tasked with protecting payments, VPN/network connections and on-device flash memory.

While some mobile devices include basic countermeasures, many lack sufficient protection and can therefore be easily compromised. Indeed, even a simple radio is capable of gathering side-channel information by eavesdropping on frequencies emitted by mobile devices and cards.

Although the second season Mr. Robot storyline remains a closely guarded secret, one can’t help but wonder if additional side-channel attacks and hacks will make their way into the wildly popular show. It would also be interesting to see how the show runners may choose to portray various side-channel countermeasures, particularly if the authorities becomes more involved in trying to combat the fictional fsociety.

Indeed, as creator and showrunner Sam Esmail recently told The Hollywood Reporter, Evil Corp won’t remain the sole antagonists of fsociety. “Now we’re dealing with a much larger issue, and I think the law enforcement, in some way, will make a presence in season two, which I think is an interesting new group of characters to explore,” Esmail added.

Perhaps not surprisingly, a number of Robot hacks have actually occurred in reality, ranging from compromised PLC devices to malware-packed USB sticks dropped in parking lots to tempt unsuspecting victims.

“The show gets people on a certain wavelength when they realize oh, my webcam really can be used to spy on me,” Kor Adana, a writer for the hit series, told a cyber-security conference in January. “And maybe I shouldn’t just blindly accept a CD from a street peddler. [Robot] illustrates the very real risks for the average person. An increased level of paranoia is clearly a good thing in this landscape. It comes along with the territory, because we know how to exploit these vulnerabilities.”

“[The cards use] AES-128, which is supposed to be virtually unbeatable by a brute-force attack, but turns out to be easy to defeat using side-channel analysis,” explained Iain Thomson of The Register. “Side-channel attacks measure things like power consumption, electromagnetic emissions and heat generation to work out what is going on in a chip. The technique has been around for years, and requires physical access to the target device.”

Have you read our primer?
– Side-channel attacks: explained

As Thomson reports, Yu Yu and his university team tracked power levels using an oscilloscope, monitored data traffic with an MP300-SC2 protocol analyzer and correlated the results with a SIM card reader and a standard PC.

“With this simple setup they cracked eight commercial SIM cards in between 10 and 80 minutes,” said Thomson. “Yu [also] demonstrated how the cloned SIM card can successfully impersonate the owner in class [and] showed how a cloned card could change the password on an Alipay and potentially drain the account.”

According to Yu, the above-mentioned hack is based on known differential power analysis attacks.

“The move to AES-based encryption algorithms in 3G/4G USIM cards did not systematically take advantage of state-of-the-art countermeasures against side-channel attacks,” he added. “Indeed, the USIM cards we analyzed essentially relied on plain (unprotected) software implementations of the AES.”

Helena Handschuh, a Director at Rambus’ Cryptography Research division, co-designed the MILENAGE standard discussed in Yu’s Black Hat paper. According to Handschuh, AES-128/Rijndael was chosen for MILENAGE in 2001 so that side-channel countermeasures could be easily incorporated in a SIM-class platform.

“Yu Yu’s paper demonstrates once again that, even though these algorithms are mathematically strong and unbroken, all implementers of crypto need to be aware of side-channel attacks and take appropriate steps to mitigate them,” Handschuh concluded.

As we’ve previously discussed on Rambus Press, physical electronic systems routinely leak information about the internal process of computing. In practical terms, this means attackers can exploit various side-channel techniques to gather data and extract secret cryptographic keys.

As such, the Rambus Cryptography Research division has designed a range of DPA countermeasures that offer a combination of software, hardware and protocol techniques specifically designed to protect tamper-resistant devices from side-channel attacks. These include leak reduction, incorporating randomness, generating amplitude and temporal noise, as well as executing protocol-level countermeasures.

Interested in learning more about how Rambus is helping to secure SoCs, devices and content? You can read more about our DPA countermeasures here, CryptoFireWall Cores here and CryptoManager platform here.