Advertisement

Unrolling Cryptographic Circuits: A Simple Countermeasure Against Side-Channel Attacks

  • Shivam Bhasin
  • Sylvain Guilley
  • Laurent Sauvage
  • Jean-Luc Danger
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5985)

Abstract

Cryptographic cores are used to protect various devices but their physical implementation can be compromised by observing dynamic circuit emanations in order to derive information about the secrets it conceals. Protection against these attacks, also called side channel attacks are major concern of the cryptographic community. Masking and dual-rail precharge logic are promoted as its countermeasures but each has its own vulnerabilities. In this article, we propose a simple countermeasure which comprises unrolling rounds of a cryptographic algorithm such that multiple rounds are executed per clock cycle. This will require a stronger hypothesis on multiple bits due to deeper diffusion of the key. Results show that it resist against correlation power analysis on Hamming distance and Hamming weight model if the datapath is cleared after each operation. We also evaluated mutual information metric on the design and results show that unrolled DES is less vulnerable.

Keywords

Data encryption standard side-channel attack architectural countermeasure mutual information metric 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  2. 2.
    Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)Google Scholar
  3. 3.
    TELECOM ParisTech SEN research group: DPA Contest (2008–2009), http://www.DPAcontest.org/
  4. 4.
    Akkar, M.L., Giraud, C.: An Implementation of DES and AES Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: DATE 2004, Paris, France, pp. 246–251. IEEE Computer Society, Los Alamitos (2004)Google Scholar
  6. 6.
    Standaert, F.X., Örs, S.B., Preneel, B.: Power Analysis of an FPGA: Implementation of Rijndael: Is Pipelining a DPA Countermeasure? In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 30–44. Springer, Heidelberg (2004)Google Scholar
  7. 7.
    Brier, É., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)Google Scholar
  8. 8.
    Guilley, S., Chaudhuri, S., Sauvage, L., Danger, J.L., Beyrouthy, T., Fesquet, L.: Updates on the Potential of Clock-Less Logics to Strengthen Cryptographic Circuits against Side-Channel Attacks. In: ICECS, Medina, Yasmine Hammamet, Tunisia. IEEE, Los Alamitos (2009)Google Scholar
  9. 9.
    Guilley, S., Hoogvorst, P., Pacalet, R.: A Fast Pipelined Multi-Mode DES Architecture Operating in IP Representation. Integration, The VLSI Journal 40, 479–489 (2007)CrossRefGoogle Scholar
  10. 10.
    Roche, T., Tavernier, C.: Multi-Linear cryptanalysis in Power Analysis Attacks: MLPA. In: WEWoRC 2009, Graz, Austria (2009)Google Scholar
  11. 11.
    Aabid, M.A.E., Guilley, S., Hoogvorst, P.: Template Attacks with a Power Model. Cryptology ePrint Archive, Report 2007/443 (2007), http://eprint.iacr.org/2007/443/
  12. 12.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  13. 13.
    Guilley, S., Hoogvorst, P., Pacalet, R., Schmidt, J.: Improving Side-Channel Attacks by Exploiting Substitution Boxes Properties. In Presse Universitaire de Rouen et du Havre, ed.:BFCA, Paris, France, May 02-04, pp. 1–25 (2007), http://www.liafa.jussieu.fr/bfca/books/BFCA07.pdf
  14. 14.
    Guilley, S., Sauvage, L., Danger, J.L., Selmane, N., Pacalet, R.: Silicon-level solutions to counteract passive and active attacks. In: FDTC, 5th Workshop on Fault Detection and Tolerance in Cryptography, pp. 3–17. IEEE-CS, Washington (2008), Up-to-date version on HAL: http://hal.archives-ouvertes.fr/hal-00311431/en/ CrossRefGoogle Scholar
  15. 15.
    Quisquater, J.J., Standaert, F.X.: Physically Secure Cryptographic Computations: From Micro to Nano Electronic Devices. In: DSN, Workshop on Dependable and Secure Nanocomputing (WDSN)., Edinburgh, UK, 2 pages. IEEE Computer Society, Los Alamitos (2007) (invited talk)Google Scholar
  16. 16.
    Guilley, S., Flament, F., Pacalet, R., Hoogvorst, P., Mathieu, Y.: Security Evaluation of a Balanced Quasi-Delay Insensitive Library. In: DCIS, Grenoble, France, 6 pages. IEEE, Los Alamitos (2008); Session 5D – Reliable and Secure Architectures, full text in HAL: http://hal.archives-ouvertes.fr/hal-00283405/en/ Google Scholar
  17. 17.
    Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    Prouff, E., Rivain, M.: Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 499–518. Springer, Heidelberg (2009)Google Scholar
  19. 19.
    Veyrat-Charvillon, N., Standaert, F.X.: Mutual Information Analysis: How, When and Why? In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 429–443. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  20. 20.
    Standaert, F.X., Peeters, É., Rouvroy, G., Quisquater, J.J.: An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays. Proceedings of the IEEE 94, 383–394 (2006) (invited paper)CrossRefGoogle Scholar
  21. 21.
    Chari, S., Rao, J.R., Rohatgi, P.: Template Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Faurax, O., Tria, A., Freund, L., Bancel, F.: Robustness of circuits under delay-induced faults: test of AES with the PAFI tool. In: IOLTS, Heraklion, Crete, Greece, pp. 185–186. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  23. 23.
    Selmane, N., Guilley, S., Danger, J.L.: Setup Time Violation Attacks on AES. In: EDCC, The seventh European Dependable Computing Conference, Kaunas, Lithuania, pp. 91–96 (2008) ISBN: 978-0-7695-3138-0, doi:10.1109/EDCC-7.2008.11Google Scholar
  24. 24.
    Khelil, F., Hamdi, M., Guilley, S., Danger, J.L., Selmane, N.: Fault Analysis Attack on an FPGA AES Implementation. In: NTMS, Tangier, Morocco, pp. 1–5. IEEE, Los Alamitos (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Shivam Bhasin
    • 1
  • Sylvain Guilley
    • 1
  • Laurent Sauvage
    • 1
  • Jean-Luc Danger
    • 1
  1. 1.Département COMELECInstitut TELECOM / TELECOM ParisTech, CNRS LTCI (UMR 5141)PARIS Cedex 13France

Personalised recommendations