International Workshop on Cryptographic Hardware and Embedded Systems

CHES 2008: Cryptographic Hardware and Embedded Systems – CHES 2008 pp 346-362

Power and Fault Analysis Resistance in Hardware through Dynamic Reconfiguration

  • Nele Mentens
  • Benedikt Gierlichs
  • Ingrid Verbauwhede
Conference paper

DOI: 10.1007/978-3-540-85053-3_22

Volume 5154 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Mentens N., Gierlichs B., Verbauwhede I. (2008) Power and Fault Analysis Resistance in Hardware through Dynamic Reconfiguration. In: Oswald E., Rohatgi P. (eds) Cryptographic Hardware and Embedded Systems – CHES 2008. CHES 2008. Lecture Notes in Computer Science, vol 5154. Springer, Berlin, Heidelberg

Abstract

Dynamically reconfigurable systems are known to have many advantages such as area and power reduction. The drawbacks of these systems are the reconfiguration delay and the overhead needed to provide reconfigurability. We show that dynamic reconfiguration can also improve the resistance of cryptographic systems against physical attacks. First, we demonstrate how dynamic reconfiguration can realize a range of countermeasures which are standard for software implementations and that were practically not portable to hardware so far. Second, we introduce a new class of countermeasure that, to the best of our knowledge, has not been considered so far. This type of countermeasure provides increased resistance, in particular against fault attacks, by randomly changing the physical location of functional blocks on the chip area at run-time. Third, we show how fault detection can be provided on certain devices with negligible area-overhead. The partial bitstreams can be read back from the reconfigurable areas and compared to a reference version at run-time and inside the device. For each countermeasure, we propose a prototype architecture and evaluate the cost and security level it provides. All proposed countermeasures do not change the device’s input-output behavior, thus they are transparent to upper-level protocols. Moreover, they can be implemented jointly and complemented by other countermeasures on algorithm-, circuit-, and gate-level.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Nele Mentens
    • 1
    • 2
  • Benedikt Gierlichs
    • 1
  • Ingrid Verbauwhede
    • 1
  1. 1.Katholieke Universiteit Leuven, ESAT/SCD-COSIC and IBBTLeuven-HeverleeBelgium
  2. 2.Katholieke Hogeschool Limburg, IWTDiepenbeekBelgium