CSPi Announces New Approach to Solve for Intel x86 Chip Flaw and SGX Encryption Vulnerability

TrustZone-Capable PCIe Adapter Replaces SGX


BOSTON, Aug. 28, 2018 (GLOBE NEWSWIRE) -- CSPi (NASDAQ: CSPi), a leading provider of security solutions, packet-capture products and IT managed services, announces today the release of the ARIA SDS micro Hardware Security Module (HSM) solution at VMworld2018. The ARIA microHSM is a bundled solution consisting of a virtualized HSM application and the PCIe-based Myrcom® Secure Intelligent Adapter (SIA).

With the ability to offload the storage of keys to ARIA microHSM, this solves for one of the most alarming and difficult to solve security challenges: how to address the vulnerabilities in the Intel® x86 chip design, and more important, the SGX vulnerability targeted by Foreshadow. The innovative and elegant approach of the ARIA microHSM not only establishes a fully secured TrustZone, but it also requires zero footprint as it can be deployed in any cloud or on-premises server.

“Intel’s SGX was trusted to be the secure enclave to store certificates and keys used to encrypt data and applications. Now that Foreshadow directly targets and compromises SGX, this is no longer possible,” said Gary Southwell, GM, CSPi Security Products. “This puts the industry in a tailspin as it affects millions of servers, and a fix from Intel could be years away. Our ARIA microHSM entirely bypasses the x86, creating a secure environment within the same server to cache millions of keys and run the crypto-operations in an impenetrable environment.”

The now infamous Meltdown and Spectre vulnerabilities first exposed the x86 chip design weakness and raised alarm bells across the technology landscape. However, the most recent Foreshadow and Foreshadow NG flaws are of greater concern to the security market as they directly impact L1 cache and SGX. Intel designed SGX to allow user-level programs to create secure enclaves on the x86 processor with protected memory regions for executing security-related functions and storing crypto-keys and other secret information.

The ARIA microHSM securely caches keys away from the server Intel CPU, ensuring that the encryption of critical application data or transactions involving PII/PHI are protected in the event of a breach. The SIA is also powerful enough to offload the entire set of cypto-fuctions from the applications, encrypting and decrypting the data as required as it is moved across the PCIe bus. The microHSM can scale to securely handle close to one million operations per second – up to ten times greater than appliance-based HSM solutions.

Since the ARIA microHSM is delivered as a PCIe network adapter card, it can be deployed in any cloud or on-premise server. It doubles as a high-speed NIC card and was built from the ground up to be a secure transaction execution environment. Its hardware provides a TrustZone that can generate and cache keys for rapid execution directly within a hardened compute environment. For organizations that need to meet government security requirements, a FIPs 140-2 Level 3-compliant version is available. It scales to handle the high volume of traffic originating from the host server/VMs applications to uniquely encrypt data to any level of strength on an application or even a transaction-by-transaction basis. The benefit is that the server/VM applications get the fine-grained or course-grained encryption services they need as required. Applications perform at the highest rate because the crypto-services do not contend for the same server cores as the application and hypervisor when under load.

The ARIA microHSM leverages the Myricom Secure Intelligent Adapter (SIA), winner of best new security product at VMworld 2017. This solution is highly performant – easily supporting millions of requests per minute – required to protect PII/PHI as dictated by stringent regulations. This allows the microHSM to generate encrypted traffic at up to line rates of 50 Gbps 10x greater than its nearest appliance based competitor.

To learn more about CSPi’s security solutions, including ARIA microHSM and Myricom SIA, please visit CSPi at VMworld #1632 on the exhibit floor.

Contact Marketing@CSPi.com to schedule an onsite meeting with our expert security team.

About CSPi

CSPi (NASDAQ:CSPI) maintains two distinct and dynamic divisions – the High Performance Products, including the Cybersecurity Center of Excellence, and Technology Solutions – with a shared vision for technology excellence. CSPi’s cybersecurity solutions protect an organization’s critical assets to minimize, or remove, the impact of the inevitable data breach.  Our ARIA Software Defined Security platform solves the complexities associated with securing DevOps environments, while our Myricom nVoy Series appliances provide automated breach identification and notification, enabled by the 10G dropless packet capture inherent in our Myricom® ARC intelligent adapters. CSPi’s Technology Solutions division helps clients achieve their business goals and accelerate time to market through innovative IT solutions and security services by partnering with best in class technology providers. For organizations that want the benefits of an IT department without the cost, we offer a robust catalog of Managed IT Services providing 24x365 proactive support. Our team of engineers have expertise across majors industries supporting five key technology areas: Advanced Security; Communication and Collaboration; Data Center; Networking and Wireless & Mobility. For more information, please visit www.cspi.com.

Myricom and ARIA are trademarks of CSPi Inc. All other brand names, product names or trademarks belong to their respective owners.

Contact Information:
Amy Carey
CSPi
Email: amy.carey@cspi.com

This press release may contain certain forward-looking statements, as that term is defined in the Private Securities Litigation Reform Act of 1995, including those relating to the products and services described herein. You can identify these statements by the use of the words “may,” “will,” “could,” “should,” “would,” “plans,” “expects,” “anticipates,” “continue,” “estimate,” “project,” “intend,” “likely,” “forecast,” “probable,” “potential,” and similar expressions. These forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those projected or anticipated. The Company cautions that numerous factors could cause actual results to differ materially from forward-looking statements made by the Company. Such risks include general economic conditions, market factors, competitive factors and pricing pressures, and others described in the Company's filings with the SEC. Please refer to the section on forward-looking statements included in the Company's filings with the Securities and Exchange Commission.