Nvidia licenses Rambus’ DPA tech for side-channel data leak prevention

Most gerbils are familiar with the Rambus name from the ill-fated RDRAM popular back in the Pentium 4 days. Although the company appeared to vanish from the consumer space, it continued on to offer its services to high-flying customers like Boeing. One of Rambus' products series is called DPA Countermeasures (standing for Differential Power Analysis), a suite of side-channel attack prevention solutions. Now, Nvidia has licensed that technology for its own wares.

Nvidia didn't specify what it's using Rambus' DPA for, but the press release mentions "artificial intelligence, autonomous cars, virtual reality and professional visualization." We take it that means Nvidia may be using DPA in some Tesla products, and possibly even Quadro cards.

Rambus DPA Workstation Platform

Old-enough gerbils may remember the term "Van Eck phreaking," a synonym of sorts for side-channel attacks, usually of the electrical fashion. A side-channel attack involves, for example, tuning in to and intepreting the electromagnetic noise that a CPU makes when it's processing encryption keys, in order to extract them. Rambus' DPA is a set of products meant to analyze or prevent those attacks.

The DPA Workstation Testing Platform is a combination of hardware and software (including a sweet-looking oscilloscope) that allows circuit designers to verify that their gear isn't susceptible to side-channel attacks. Rambus even offers its own take on an encryption core, called the DPA Resistant AES Core—a "black box" of sorts intended to be integrated into SoCs and FPGAs that handles encryption duties but isn't suspectible to side-channel attacks.

Comments closed
    • ronch
    • 3 years ago

    Ahhh… RAMBus… The friend of everyone in the industry.

      • Krogoth
      • 3 years ago

      The whole memory cartel are massive jerks. RAMBUS just tired to play a fast one on them and lost.

    • DragonDaddyBear
    • 3 years ago

    These attacks are mostly academic, with more and more research coming out. Currently, though, it would take a lot of planning on a high valued target to make this worth exploiting. As Captain Need pointed out, this is why there is tempest. I’ve seen and worked with that stuff before and it’s quite thorough, not a certification a product pursues lightly. That has me wondering what and where Nvidia products featuring this will be used.

      • brucethemoose
      • 3 years ago

      Cars are something you don’t want getting hacked, so I imagine that’s a likely candidate.

      However, that’s a hard target for this sort of attack anyway, as you get a TON of interference from the engine, alternator, road noise and so on.

        • DragonDaddyBear
        • 3 years ago

        I agree. The article points out AI and autonomous vehicles and professional vehicles. These are areas where a high spring government may be interested for critical applications.

          • Beahmont
          • 3 years ago

          Absolutely. Why 60 years from now the best and most powerful planes the US Military flies will be powered with stuff available in your graphics card now…

      • morphine
      • 3 years ago

      Actually, if you go searching for news in the past few years, Van Eck phreaking is very much alive and well and can pull important data from machines.

      • spugm1r3
      • 3 years ago

      My guess would be public transportation autonomous vehicles. More so than your personal transportation, shifting buses and trains to autonomous operation will require resilience to being hijacked or hacked.

      EDIT: Grammar, cuz’ I think faster than I type.

    • albundy
    • 3 years ago

    hahaha, RDRAM made the intel platform so undesirable, that AMD looked so good back in the day.

      • jihadjoe
      • 3 years ago

      i stuck with my 440BX throughout that 820 nonsense.

      • Krogoth
      • 3 years ago

      Nah, RDRAM was the best memory solution for Netburst chips until DDR2. i850 chipset was rock-solid and blew anyway everything in Intel world even the 875P if you used 1066 RDIMMs. It wasn’t until DDR2 and 955X you had a platform that made i850 chipset obsolete.

      I do admit that RDRAM never made any sense for Pentium III and i820. Intel should have waited until Pentium 4 for it.

      The price difference between RDRAM and DDR1 had more to do with other memory manufacturers retaliating to RAMBUS’s litigation. They sold DDR1 at a loss until RDRAM fell out of favor once the Intel contract expired. RAMBUS even paid some of the memory manufacturers *cough*Micron*cough* to produce RDIMMS but they never did.

    • Shinare
    • 3 years ago

    [quote<]Old-enough gerbils may remember...[/quote<] Wow, for a second there it felt kinda cool to be old... ...but only for a second. 🙁

    • meerkt
    • 3 years ago

    [quote<](including a sweet-looking oscilloscope)[/quote<] So you're forced to have to buy a Tek DPO7104C from Rambus? 🙂

      • Shobai
      • 3 years ago

      For a reasonable markup, of course!

    • Captain Ned
    • 3 years ago

    Van Eck phreaking. Described best in Neal Stephenson’s “Cryptonomicon”. In the military and 3-letter agency world, it’s called TEMPEST.

      • Thrashdog
      • 3 years ago

      EM emissions aren’t the only side channel to be concerned about, either. Other fascinating side-channel attacks include using a microphone to do things like [url=http://www.nytimes.com/2004/12/12/magazine/acoustic-keyboard-eavesdropping.html<]determine keyboard inputs by applying frequency analysis to determine the acoustic signature of each key on the keyboard[/url<], or using the [url=https://www.schneier.com/blog/archives/2013/12/acoustic_crypta.html<]high-frequency noises emitted by solid-state electronic components as an input in executing a timing attack[/url<]. Several years ago, some researchers actually demonstrated the ability to capture the contents of a concealed display by focusing a [url=https://www.infsec.cs.uni-saarland.de/projects/reflections/<]high-powered telescope on the reflection of the display in the user's eyeballs[/url<].

        • Srsly_Bro
        • 3 years ago

        I was actually thinking of the microphone method to acquire date or passwords the other day. I guess it’s an actual method employed. That’s cool to know.

Pin It on Pinterest

Share This