Broadcom first set-top box SoC certified for differential power analysis resistance

Thursday, December 19th, 2013
Cryptography Research logo

Cryptography Research and Riscure Certify Broadcom as First-Ever DPA-Resistant Set-top Box SoC

  • Cryptography Research and Riscure validate set-top boxes utilizing Broadcom’s BCM7538 SoC to effectively protect against side channel attacks

SAN FRANCISCO, Calif. & DELFT, The Netherlands — Cryptography Research Inc. (CRI), a division of Rambus Inc. (NASDAQ:RMBS), and Riscure today announced the certification of Broadcom’s set-top box silicon under the Differential Power Analysis (DPA) countermeasure validation program. The analysis, conducted by security evaluation firm Riscure, validates the effectiveness of DPA countermeasures to protect quality content distribution in set-top box products utilizing the Broadcom BCM7538 SoC.

“Implementing effective countermeasures to DPA is important to enable a secure foundation for content distribution,” said Dan Marotta, Broadcom executive vice president and general manager, Broadband Communications Group. “We will continue to leverage our engineering expertise to be first to market and industry leader in providing secure set-top box home networking technology to our customers and partners.”

Cryptography Research licenses DPA countermeasure technologies to protect devices against side channel attacks that can extract cryptographic keys and other sensitive data from chips in set-top boxes and other home networking products. The need to integrate more comprehensive security solutions in set-top boxes has emerged as basic content protection solutions sometimes fail to thwart today’s advanced piracy techniques. Broadcom is the first semiconductor company to provide these new DPA countermeasures across its line of set-top box SoCs.

The DPA countermeasure validation program is a certification program administered by security experts at Cryptography Research, and involves rigorous independent testing of products to evaluate resistance to side channel attacks. The testing program’s goal is to enable chip purchasers and downstream customers to identify devices with effective security. In 2012 Riscure was accredited by Cryptography Research as an independent testing lab to conduct evaluations for the DPA countermeasure validation program.

“Emerging requirements demand the highest levels of protection for premium content distribution across the broad spectrum of pay TV systems,” said Benjamin Jun, chief technology officer for Cryptography Research. “This certification demonstrates Broadcom’s dedication to implement state-of-the-art security countermeasures in its SoCs.”

“Riscure has conducted comprehensive testing of the relevant cryptographic functions deployed by the Broadcom BCM7538 SoC, which are used in pay TV set-top box applications. We are pleased to confirm that these techniques are effective in protecting against side channel attacks,” said Pascal Van Gimst, managing director of Riscure Security Labs.

The BCM7538 is now approved to display the “DPA Lock” security logo, which provides customers with assurance that devices contain DPA countermeasures which are authorized and have been rigorously tested by an independent security-testing lab.