Inspector SCA - Side Channel Analysis - offers SPA, DPA, EMA, EMA-RF and RFA for embedded devices or Smart Cards. The user has detailed control over the entire side channel testing process. The Inspector architecture offers an open and flexible environment with an intuitive graphical representation of traces and analysis results. Furthermore, all aspects of side channel analysis are integrated in one solution, so that the user does not need to switch between environments or workstations in order to perform different aspects of side channel testing.
Used by organisations worldwide, the integrated modular platform of Inspector combines acquisition, alignment, signal processing, statistics and side channel cryptanalysis tool for Side Channel Analysis testing. Custom designed hardware and software enable government institutions, security evaluation laboratories and chip manufacturers around the globe to perform time efficient, reproducible, cutting edge security research.
Contact us directly at firstname.lastname@example.org for more information.
The all-in-one solution for detailed control over the entire side channel testing process.
"Take your side channel research to the next level with our advanced integrated tool for side channel analysis and fault injection"
One solution for power (including SPA, DPA and CPA),electromagnetic (EMA)and contactless (RFA/EMA-RF) side channel testing of smart card and embedded technology.
Efficient use of in-software filters through real-time signal processing during data acquisition.
Tight oscilloscope and Riscure hardware integration to configure all acquisition settings and perform measurements via Inspector GUI significantly boost acquisition.
Configurable test methods supported such as SPA, DPA, CPA and high-order test methods on a large number of ciphers including 3-DES, AES, RSA and ECC, SEED, MISTY1.
High-quality measurement hardware are researched and developed in-house to reach an optimal signal-to-noise ratio on crypto processors.
Stable platform which enables acquisition of millions of traces, advanced processing and analysis.
Unique advanced alignment methods to overcome clock jitter and randomisation countermeasures.
Bi-yearly updates for Inspector, dedicated help desk, extensive documentation and training from security professionals.
Optimized for outstanding SCA results, our hardware is designed with the requirements of the user and business in mind without losing flexibility. Ease of use, effortless configuration and seamless integration with Inspector SCA software or extend your own platform using the SDK on selected devices.
Advanced pattern-based triggering device for generating time independent pulses to avoid jitter and time-related countermeasures in SCA or FI testing.
Reduce complexity in Side Channel Analysis (SCA) and Fault Injection (FI) by creating a single control point for communication and glitch pattern generation
Low-noise transparent card reader for SPA/DPA side channel power measurements with precise triggering capabilities
Complete electromagnetic analysis solution for precise localised side channel measurements on a wide range of targets including embedded devices, contactless cards and conventional smart cards.
Analog filter and demodulator for Electromagnetic (EMA-RF) and Radio Frequency Analysis (RFA) on contactless solutions (ISO/IEC 14443)
Low-noise, high quality measurement signal for side channel acquisition on embedded devices.
The Inspector SCA software comes pre-installed on an included workstation and three software licenses
Inspector SCA offers full control over the test object, trigger, oscilloscope and chaining function for real-time application of signal processing during data acquisition. Inspector SCA software contains a large set of cryptanalytic modules to perform attacks on all major algorithms. With module source available and the IDE integrated in Inspector, the user is free to develop modules, protocols or ciphers for proprietary implementations.
Control over the test object, trigger, oscilloscope and chaining function for real-time application of signal processing during data acquisition. Inspector hardware components are all configured through the user interface and will trigger to start oscilloscope measurements. Using and configuring hardware, including the oscilloscope, by an Inspector user is done from software; there is hardly any need to configure hardware manually. On acquiring new traces, Inspector generates random or selected input message text, starts encryption and records the returned cipher text and stores the traces on disk. Most processing steps available in the Signal Processing modules can be applied in real time during data acquisition, producing an instant trace set with a high information density, and saving considerable time during security evaluation.
Highly configurable cryptanalysis modules for SPA, DPA/CPA and high-order DPA including modules for 3-DES, AES, RSA and ECC. The side channel cryptanalysis modules are designed to deduce secret key material from traces obtained with the Power Tracer, EM Probe Station or Micropross MP300 TCL series as well as custom measurement equipment. Besides the major algorithms we have implemented region-specific and less common ciphers such as Camellia, SEED and MISTY1. Modules for new algorithms and power models can easily be inserted into Inspector using the IDE. In our Crypto2 framework, all algorithms have several optimization parameters as well as simulation and calculation options.
Reach optimal performance with a system configuration ideal for Inspector. With Inspector pre-installed, the workstation matches best with our software and hardware products and is updated regularly.
Signal processing features including filters, spectrum, statistics, advanced alignment and correlation functions. Side channel analysis requires the tester to control and understand the traces and samples acquired. Inspector features a large set of spectral filters with user-defined filter characteristics and harmonic filters to block or pass signals with all their harmonic content, statistical and frequency analysis functions. To get optimal results we focus our R&D on practical aspects of side channel analysis, such as alignment. Static, elastic and advanced dynamic (i.e. continuous) alignment compensate for time shifts or random process interrupts; this is one of the most important signal processing features and a very strong feature of Inspector. Modern chip techniques such as variable clock speeds can be tackled with the dynamic and elastic alignment module.
Freedom to test, freedom to research, freedom to tinker. Inspector is shipped with source code of modules for you to adapt, modify or rebuild. Unlike traditional proprietary models, we offer the source code of all available modules. We believe this facilitates your freedom to adapt to your testing environment and devices under test. Source code, an open API, hardware SDKs and integrated development environment (IDE) is therefore part of Inspector.
Our training courses excel in being practical and hands-on. During the course, you get to use open source tools as well as Riscure's own test tools on smart cards and embedded devices.
The training that is supplied with Inspector is modular of structure to tailor to the demands and knowledge of the trainees. Knowledge on side channel analysis and Java is useful, but not required. All training components use training cards that are supplied with inspector. When the trainees return back home after the training, they can practice their new skills on these cards along with extensive tutorials. Depending on your needs, we can provide a training that meets your requirements.
Bookings can be made via email@example.com or your local reseller. Attendees are free to move their training 2 weeks in advance of the original starting date to another slot, when seats are still available. The full amount needs to be paid in advance of the training, no guarantees can be made regarding your booking if the amount is not received on time. Cancellation fees apply.
We provide regular updates to our users to improve side channel and fault injection testing efficiency, user experience and introduce fixes through our support contract.
Inspector 4.12 SCA and FI (June 2017):
Inspector 4.11 SCA and FI (December 2016):
Inspector 4.10 SCA and FI (July 2016):
Inspector 4.9.1 SCA and FI (April 2016):
Inspector 4.9 SCA and FI (February 2016):
The world keeps moving: every year new attacks and methods are introduced. To keep you up-to-date we select practical attacks and make these available to our users.
For optimal performance of the software read the latest specifications of the PC workstation that we supply.
Tutorials, manuals, FAQ, release notes, software updates, issue tracking and much more can be found on our support portal. Please sign up and login at: https://support.riscure.com/
We organize two-day User Workshop where we will present the latest developments in side channel analysis and fault injection testing and provide practical tips. The User Workshop is free of charge to service contract holders.
We have a full-time support engineer to help with any issues you might face while doing your work. Our skilled people will try to get you back on track as fast as possible.
When purchasing Inspector, customers receive a permanent license to use the platform. We deliver Inspector to organisations in line with our Inspector Sales Policy. Under the service contract, the software of the tool is kept up-to-date and users are invited to the annual Inspector User Workshop.
Inspector SCA is a powerful tool that is are designed to determine the security strength of technology. However, it could potentially also be used to retrieve secrets for malicious or fraudulent purposes. Riscure only sells and distributes Inspector to organisations that can prove to have a legitimate business reason for using it.
The customer can demonstrate that it manufactures, integrates or issues technology which is not intended to illegally circumvent a security mechanism in another product.
Most of our customers are large and well-known international organisations. However, if we do not know of the customer's organisation, we first perform a background check and verify their location, scope and type of business that they are in.