New ChipWhisperer-Lite 32-bit takes aim at evaluation security of cryptographic libraries and security mechanism for IoT applications.

Home > Press > New ChipWhisperer-Lite 32-bit takes aim at evaluation security of cryptographic libraries and security mechanism for IoT applications.

New ChipWhisperer-Lite 32-bit takes aim at evaluation security of cryptographic libraries and security mechanism for IoT applications.

Halifax, Canada: NewAE Technology Inc. is proud to introduce the newest hardware version of their revolutionary open-source platform for performing advanced hardware security attacks such as power analysis and fault injection attacks, the “ChipWhisperer-Lite 32-Bit”. This uses an Arm®-based evaluation target, onto which a variety of cryptographic code and security algorithms can be loaded. The ChipWhisperer-Lite allows engineers to evaluate the security of the target code against advanced attacks such as side-channel power analysis and fault injection attacks.

“The evolution of our example board to include an Arm®-based 32-bit target is a long-standing customer request”, explains Dr. Colin O’Flynn, C.T.O. of NewAE Technology Inc, “and is a testament to the expanding popularity of Arm® devices in IoT products which remain cost-sensitive but often need to have higher security level due to their interconnected capabilities”.

The ChipWhisperer® project contains a variety of open-source tools, designed to help engineers evaluate device and code security against advanced attacks that can break typical cryptographic implementations. By providing engineers with a complete toolchain include software, hardware, and documentation, NewAE Technology Inc. is help engineers make smart security decisions so they understand how these advanced attacks function. By understanding the attacks, products can be designed to resist them or reduce the impact when broken.

“Side channel power analysis and fault injection attacks were first publicly disclosed over 18 years ago, but the lack of easily accessible evaluation tools means products released today often remain trivially vulnerable to these attacks”, continues Dr. O’Flynn. The ChipWhisperer series of tools includes a variety of hardware and software, much of it open-source to allow further extensions by customers and users.

The ChipWhisperer-Lite line represents the current lowest-cost evaluation platform for these attacks. It integrates the power measurement functionality (meaning no oscilloscope is required), using NewAE Technology Inc’s synchronous sampling technology. The same board hosts a STM32F3 (Arm® Cortex®-M4 based) device which code such an AES bootloader or Arm® Mbed™ TLS Stack can be loaded on. The ChipWhisperer-Lite 32-bit allows evaluation of this code, with various examples and tutorials posted online at http://www.ChipWhisperer.com .

In addition to power analysis, the ChipWhisperer-Lite can also perform fault injection using clock and voltage glitching. These attacks allow corrupting of internal memory, registers, or device states. By performing evaluation of the code against these attacks, the designers can build better defenses into their devices.

The ChipWhisperer-Lite 32-bit is available now for $250 US from NewAE Technology’s worldwide distributor Mouser Electronics, along with NewAE Technology’s online store. The product number is “NAE-CWLITE-ARM”.

 

Arm®, Cortex® and MBED® are registered trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere.

ChipWhisperer® is a registered trademark of NewAE Technology Inc in the US and/or elsewhere.