Cryptographic Hardware and Embedded Systems - CHES 2009

Volume 5747 of the series Lecture Notes in Computer Science pp 189-204

A Design Methodology for a DPA-Resistant Cryptographic LSI with RSL Techniques

  • Minoru SaekiAffiliated withInformation Technology R&D Center, Mitsubishi Electric Corporation
  • , Daisuke SuzukiAffiliated withInformation Technology R&D Center, Mitsubishi Electric CorporationGraduate School of Environmental and Information Sciences, Yokohama National University
  • , Koichi ShimizuAffiliated withInformation Technology R&D Center, Mitsubishi Electric Corporation
  • , Akashi SatohAffiliated withResearch Center for Information Security, National Institute of Advanced Industrial Science and Technology (AIST) Chiyoda


A design methodology of Random Switching Logic (RSL) using CMOS standard cell libraries is proposed to counter power analysis attacks against cryptographic hardware modules. The original RSL proposed in 2004 requires a unique RSL-gate for random data masking and glitch suppression to prevent secret information leakage through power traces. However, our new methodology enables to use general logic gates supported by standard cell libraries. In order to evaluate its practical performance in hardware size and speed as well as resistance against power analysis attacks, an AES circuit with the RSL technique was implemented as a cryptographic LSI using a 130-nm CMOS standard cell library. From the results of attack experiments that used a million traces, we confirmed that the RSL-AES circuit has very high DPA and CPA resistance thanks to the contributions of both the masking function and the glitch suppressing function. This is the first result demonstrating reduction of the side-channel leakage by glitch suppression quantitatively on real ASIC.