Are you developing a connected device implementing sensitive cryptographic algorithms? Whether for certification requirements or for security resilience, you need to forge your opinion about the side-channel resistance and perform the corresponding analysis on your device or implementation and make sure the secret keys remain undisclosed.
Facing a weakness against side-channel can be hard to fix. And secure chips do not always provide the full security level, even with a dedicated crypto engine. This may deserve additional protections at the software layer. At eshard, we have a strong, practical background in secure devices and with this knowledge and expertise we have developed a dedicated bench in cryptography side-channel.
This allows us to support you on the cryptography side-channel aspects with the following services and tools:
- SERVICES: You may be in a position where you want to outsource the side-channel analysis. eshard can perform this for you and provide advanced consultancy and test services. Using our side-channel benches and our software platform esDynamic, our experts have a long run practical experience in performing end-to-end analyses, by doing the measurements, running the signal processing and doing the statistics on various algorithms, such as TDES, AES, and more.
Depending on your needs, we can assist you with:
- performing side-channel testing to analyse a code or validate the countermeasures
- investigating your code or solution and identify potential flaws
- suggesting improvements, by strengthening your code if needed
- providing a technical support during the accreditation for the cryptographic aspects
- TOOLS: esDynamic is a collaborative framework designed to help security experts to perform side-channel analysis and process traces. This platform handles every traces’ source, whether the traces come from a hardware platform or are emulated/data traces. This makes it compatible with every side-channel benches.
This application comes with training to support you during the ramp up phase, so you can take the best out of the tool as soon as possible.
We can arrange a demo with your team to get a dynamic view of the platform and ask us your questions.
You can also take benefit of the specific white box cryptography module, that takes in input your mobile application binary and allows you to deeply analyse the software implementation of the algorithms.
- TRAINING: If you need to strengthen your security team’s knowledge in specific areas in emerging technologies, we can assist you with custom training in connected devices security, mobile security and mobile application security.
We are happy to respond to any questions you may have, and see how we can help you make your product stronger from a security point of view.
Contact us: firstname.lastname@example.org