Cryptographic side channels are well-known and understood in the industry. There are also many countermeasures against side channels to reduce the leakage risk. However, many implementations in the field are leaky because of the combination of security experts and the absence of a good pre-silicon side channel analysis tool.
For more than 20 years Riscure has been helping chip and device vendors to improve the security of their products. We have observed the ever-changing security landscape, adjusted to the evolving attacker profile, witnessed and reacted to the appearance of well-organized adversaries.
Riscure worked together with Promon to define why mobile app providers should consider getting EMVCo Software-Based Mobile Payment (SBMP) certification.
Hardware Fault Attacks can break software security by revealing secrets during program execution or changing the behavior of a program. Without profound knowledge of these attacks, it is hard to defend code effectively. Whereas traditional secure programming methods focus mostly on input validation and output control, fault resistance requires pervasive protection throughout the code.
With the electrification of modern cars, they become complex and connected computer systems. As such, the automotive industry faces all the cybersecurity issues inherent within the wider software sector. So how do you choose a secure, future-proof platform that will protect your vehicle and your customers from real-world threats throughout the lifetime of the vehicle?
To make it easier for developers to protect their security-critical devices, Riscure created this paper discussing patterns that can cost-effectively mitigate the code.