Chip maker INSIDE Contactless and Cryptography Research (CRI) have signed an agreement regarding the use of CRI’s patented countermeasures that protect against a specific semiconductor attack known as differential power analysis (DPA). The countermeasures add security to tamper-resistant chips, such as INSIDE’s MicroPass and other secure semiconductor products.
Under the agreement, INSIDE may use CRI’s patents as part of the security strategy for its contactless semiconductor products which are used around the world in a variety of form factors, including contactless cards, key fobs, mobile payment bridge products, and NFC secure elements for mobile phones.
The license also covers third-party software executing on INSIDE’s MicroPass chip products, allowing INSIDE’s customers to develop their own DPA countermeasures without the need for a separate license from CRI. According to Charles Walton, executive vice president of payments for INSIDE Contactless, “this agreement allows INSIDE to distribute MicroPass products with DPA countermeasures to our manufacturing customers without their need to distinctly obtain licensing from CRI.”
DPA is a form of attack that involves monitoring the fluctuating electrical power consumption of a target device and then using advanced statistical methods to derive cryptographic keys and other secrets.