All posts by Enova Technology

從筆電晶片起家卻在軍工產業大紅!一家台灣晶片公司,如何靠「加密」打進美國防供應鏈?

2022/05/31 17:54 文|林宏達

伊諾瓦科技總經理萬述寧打造的加密晶片,打進美國、北約軍火供應鏈。(圖/陳俊松攝)

深耕資料保護技術20年的伊諾瓦科技,原本鎖定筆電安全晶片市場,沒想到卻意外成為美軍和北約最倚重的資安解決方案供應商。

2009年開始,一家台灣公司的晶片悄悄打入美國軍火供應鏈;現在,美國的飛彈、無人機系統都搭載來自台灣的晶片。這家公司叫伊諾瓦科技,在他們設計的機制保護下,電腦系統不但能指揮無人機戰鬥,控制武器的機密資料即使落入敵人手中,也只能看到毫無意義的亂碼。

伊諾瓦科技總經理萬述寧自信地說:「我們的晶片,是全世界唯一通過美國FIPS 140-2 Level 3認證的加密晶片。」通過美國政府的認證,伊諾瓦的產品不只打入美軍前十大軍火商供應鏈,也打入北約、以色列、澳洲等國的武器供應鏈,「我們的客戶非常低調,他們更想把我們藏起來。」

有意思的是,伊諾瓦一開始瞄準的是筆電用晶片市場,卻意外在軍工產業大紅。

伊諾瓦的設計則是把要保護的內容都改成亂碼,就算駭客入侵系統,看到的還是一片密文;而且只要有人意圖入侵系統,系統會讓「數字鑰匙」消失,讓密文無法被破解。

「身分認證是另一個重點。」萬述寧解釋,要通過美國政府的認證,要求之一就是要能完成非常可靠的身分認證。伊諾瓦把保管加密鑰匙和使用者身分認證的功能做在同一顆晶片裡,有心人無法改造電路取得資料,「所有身分認證功能都在晶片底層完成,這些身分資料只存在這顆晶片裡。」

萬述寧說,美國政府的要求是,第二級要有角色認證的功能,第三級要做到身分認證。他解釋,一個人會有學生、父親等不同「角色」,但身分卻是每個人獨一無二的。要辨識身分,一般系統只要打入密碼就能通過認證,伊諾瓦卻會加入更多方法測試,確認使用者的身分,如果有人惡意入侵,系統還要能做出反應,可能的選擇之一就是銷毀所有資料。對武器系統來說,身分認證一旦出問題,就可能讓威力強大的系統反過來對付自己。

萬述寧說,美國武器供應商觀察他們7、8年之後,從2009年開始採用他們的產品。如今,賭場甚至自駕車等,都是高度要求時效和資安的場域,也成為伊諾瓦的下一個商機;這家公司的未來,還有很大的想像空間。…(本文完整版請見《財訊》雙週刊660期)

資料來源:林宏達。(2022, May 31)。E從筆電晶片起家卻在軍工產業大紅!一家台灣晶片公司,如何靠「加密」打進美國防供應鏈?。https://www.wealth.com.tw/articles/019c574f-6b72-4de3-b14d-25d4b1b48b60?utm_source=facebook.com&utm_medium=fanpage

Enova Technology Receives FIPS 140-2 Level 3 Validation For X-Wall® MX+ Cryptographic Modules

Cryptographic Modules Protect Sensitive Information for Government Agencies and Enterprises

SAN JOSE, Calif., Oct 25, 2017 – Enova Technology, a market leader in innovative data security solutions, today announced its X-Wall® MX+ xF and X-Wall® MX+ xN advanced single chip cryptographic modules capable of encrypting entire SATA disk drive (SSD included) in-line at SATA 6Gbps speed have gained full approval from the National Institute of Standards and Technology (NIST) and Communications Security Establishment of Canada (CSE) Cryptographic Module Validation Program (CMVP) for Federal Information Processing Standards (FIPS) 140-2 Level 3 and Level 2 validation respectively.

News Facts:
  • FIPS 140-2 specifies the security requirements that are to be satisfied by a cryptographic module utilized within a security system protecting Sensitive Information (United States) or Protected Information (Canada) within computer and telecommunications systems (including voice systems).
  • FIPS 140-2 provides four increasing, qualitative levels of security: Level 1, Level 2, Level 3, and Level 4. These levels are intended to cover the wide range and potential applications and environments in which cryptographic modules may be employed. The security requirements cover eleven areas related to the secure design and implementation of a cryptographic module.
  • Products which use the above identified cryptographic module may be labeled as complying with the requirements of FIPS 140-2 so long as the product, throughout its life cycle, continues to use the validated version of the cryptographic module as specified in this certificate.
Supporting Quote:
  • Robert Wann, CEO, Enova Technology, said: “When the protection of sensitive information and critical communications is required, government agencies and business need to know that a product’s stated security claim is valid. The X-Wall® MX+ xF and X-Wall® MX+ xN FIPS 140-2 certified single chip crypto modules are capable of encrypting entire SATA disk drive or SSD in-line at 6Gbps (6 giga bit per second) using AES CBC 256-bit strength. The modules require no extra software driver therefore is independent from all operating systems. With FIPS 140-2 validation, Enova’s cryptographic modules meet the growing security needs of government agencies and business applications today.”

Enova Technology Receives FIPS 140-2 Validation for X-Wall® MX+ Cryptographic Modules

Cryptographic Modules Protect Sensitive Information for Government Agencies and Enterprises

SAN JOSE, Calif., Sept. 13, 2017 – Enova Technology, a market leader in innovative encryption security solutions, today announced its X-Wall® MX+ xF and X-Wall® MX+ xN advanced cryptographic modules have gained full approval from the National Institute of Standards and Technology (NIST) for Federal Information Processing Standards (FIPS) 140-2 Level 3 and Level 2 validation with certification numbers 3013 and 3014 respectively.

News Facts:
  • US government agencies are required to purchase security products that have received FIPS 140-2 validation. Enterprises rely on the validation as an impartial, independent review that further ensures the security capabilities of the products they purchase.
  • When protecting sensitive data, government agencies need to have a minimum level of assurance that a product’s stated security claim is valid. FIPS validation is globally accepted as one of the most trusted security validations.
  • FIPS validation requires rigorous testing and inspection in order to be certified by NIST. FIPS validated products go through a comprehensive review by government-approved laboratories, as well as a review by NIST and Communications Security Establishment (CSE) authorities.
Supporting Quote:
  • Robert Wann, CEO, Enova Technology, said: “When the protection of sensitive information and critical communications is required, government agencies and business need to know that a product’s stated security claim is valid. The X-Wall® MX+ xF and X-Wall® MX+ xN FIPS 140-2 certified single chip crypto modules are capable of encrypting entire SATA disk drive or SSD in-line at 6Gbps (6 giga bit per second) using AES CBC 256-bit strength. The modules require no extra software driver therefore is independent from all operating systems. With FIPS 140-2 validation, Enova’s cryptographic modules meet the growing security needs of government agencies and business applications today.”