Fault Analysis Attack against an AES Prototype Chip Using RSL
- 886 Downloads
This paper reports a successful Fault Analysis (FA) attack against a prototype AES (Advanced Encryption Standard) hardware implementation using a logic-level countermeasure called Random Switching Logic (RSL). The idea of RSL was proposed as one of the most effective countermeasures for preventing Differential Power Analysis (DPA) attacks. The RSL technique was applied to AES and a prototype ASIC was implement with a 0.13-μm standard CMOS library. Although the main purpose of using RSL is to enhance the DPA resistance, our evaluation results for the ASIC reveal that the DPA countermeasure of RSL can negatively affect the resistance against FA attacks. We show that the circuits using RSL has a potential vulnerability against FA attacks by increasing the clock frequency.
KeywordsFault Analysis Random Switching Logic AES Clock-based Attack
Unable to display preview. Download preview PDF.
- 1.Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
- 4.Shamir, A., Tromer, E.: Acoustic cryptanalysis on noisy people and noisy machines. Preliminary proof-of-concept presentation, http://www.wisdom.weizmann.ac.il/~tromer/acoustic/
- 6.FIPS Pub. 197: Specification for the AES (November 2001), http://csrc.nist.gov/pub-lications/fips/fips197/fips-197.pdf
- 8.Miller, V.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
- 10.Tiri, K., Verbauwhede, I.: A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In: Proceedings of Design, Automation and Test in Europe Conference (DATE 2004), pp. 246–251 (2004)Google Scholar
- 11.Trichina, E.: Combinational logic design for AES subbyte transformation on masked data. Technical report, Cryptology ePrint Archive: Report 2003/236 (2003)Google Scholar
- 19.Suzuki, D., Saeki, M.: Satoh A. A design methodology for a DPA-resistant cryptographic LSI with RSL techniques (I). In: Symposium Record of Symposium on Cryptography and Information Security (SCIS 2008), 6 pages (2008)Google Scholar
- 20.Suzuki, D., Saeki, M., Ichikawa, T.: Random switching logic: A countermeasure against DPA based on transition probability. Technical report, Cryptology ePrint Archive: Report 2004/346 (2004)Google Scholar
- 21.Research Center for Information Security (RCIS). Side-channel attack standard evaluation board (SASEBO), http://www.rcis.aist.go.jp/special/SASEBO/index-en.html
- 23.Research Center for Information Security (RCIS). Side-channel attack standard evaluation board (SASEBO), http://www.rcis.aist.go.jp/special/SASEBO/CryptoLSI-en.html