Journal of Cryptographic Engineering

, Volume 2, Issue 3, pp 143–159 | Cite as

Side channels as building blocks

  • Markus Kasper
  • Amir Moradi
  • Georg T. Becker
  • Oliver Mischke
  • Tim Güneysu
  • Christof Paar
  • Wayne Burleson
Regular Paper

Abstract

Since the introduction of the first side-channel analyses in academia about 15 years ago, several physical attacks have been presented that exploit side-channel leakages to break implementations of cryptographic algorithms. This article deals with the same physical property of electronic devices, but focuses on the art of tailoring it for constructive uses. More precisely, two scenarios, i.e., hardware Trojans and IP watermarking, are illustrated in which the designer of an electronic circuit can add functionality by considering side channels as part of the available design space. Both applications use the same concept, i.e., deliberately leaking a secret through a side channel while keeping the introduced side channel hidden from adversaries and attackers. This article provides a broad overview of the existing works for both applications and should serve as a comprehensible introduction to the underlying field of research. This includes many subtle details that have not been discussed in literature yet, including existing shortcomings and possible improvements to the existing works. The solutions summarized in this article provide general guidelines for theorists and practitioners to use side channels constructively to achieve designs that are robust against detection and removal. Furthermore, we present an entirely new design of a Trojan side-channel. This architecture demonstrates the potential of a Trojan side-channel that is neatly tailored to the targeted implementation. The new design removes all non-invasive starting points a third party could use to analyze or get access to the secret-channel.

Keywords

Side-channel analysis Hardware Trojan IP watermarking AES Masking 

Notes

Acknowledgments

The work described in this paper has been supported in part by the European Commission through the ICT program under contract ICT-2007-216676 ECRYPT II and by the NSF Grant 0916854.

References

  1. 1.
    Cryptographic Hardware and Embedded Systems. http://www.chesworkshop.org
  2. 2.
    Side-channel Attack Standard Evaluation Board (SASEBO). Further information are available via http://www.rcis.aist.go.jp/special/SASEBO/index-en.html
  3. 3.
    Report of the defense science board task force on high performance microchip supply. Defense Science Board, US DoD (2005)Google Scholar
  4. 4.
    Innovation at risk: intellectual property challenges and opportunities, white paper. Semiconductor Equipment and Materials International (2008)Google Scholar
  5. 5.
    Adee, S.: The hunt for the kill switch. IEEE Spectr. 45(5), 34–39 (2008)CrossRefGoogle Scholar
  6. 6.
    Batina, L., Gierlichs, B., Prouff, E., Rivain, M., Standaert, F.-X., Veyrat-Charvillon, N.: Mutual information analysis: a comprehensive study. J. Cryptol. 24(2), 269–291 (2011)MathSciNetMATHCrossRefGoogle Scholar
  7. 7.
    Becker, G.T., Kasper, M., Moradi, A., Paar, C.: Side-channel based watermarks for integrated circuits. In: HOST 2010, pp. 30–35. IEEE Computer Society (2010)Google Scholar
  8. 8.
    Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: CRYPTO 1997, volume 1294 of LNCS, pp. 513–525. Springer, New York (1997)Google Scholar
  9. 9.
    Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: SAC 2004, volume 3357 of LNCS, pp. 69–83. Springer, Berlin (2004)Google Scholar
  10. 10.
    Canright, D., Batina, L.: A very compact “perfectly masked” S-box for AES. In: ACNS 2008, volume 5037 of LNCS, pp. 446–459. Springer, Berlin (2008) (the corrected version is available at Cryptology ePrint Archive, Report 2009/011 http://eprint.iacr.org/)
  11. 11.
    Chen, Z., Guo, X., Nagesh, R., Reddy, A., Gora, M., Maiti, A.: Hardware Trojan designs on BASYS FPGA Board. In: Embedded system challenge contest in cyber security awareness week—CSAW 2008 (2008)Google Scholar
  12. 12.
    Coron, J.-S., Kocher, P.C., Naccache, D.: Statistics and secret leakage. In: FC 2000, volume 1962 of LNCS, pp. 157–173. Springer, Berlin (2000)Google Scholar
  13. 13.
    Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.T.M.: On the power of power analysis in the real world: a complete break of the KeeLoq code hopping scheme. In: CRYPTO, volume 5157 of LNCS, pp. 203–220. Springer, Berlin (2008)Google Scholar
  14. 14.
    Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: CHES 2008, volume 5154 of LNCS, pp. 426–442. Springer, New York (2008)Google Scholar
  15. 15.
    Kahng, A.B., Lach, J., Mangione-Smith, W.H., Mantik, S., Markov, I.L., Potkonjak, M., Tucker, P., Wang, H., Wolfe, G.: Watermarking techniques for intellectual property protection. In: DAC 1998, pp. 776–781. ACM (1998)Google Scholar
  16. 16.
    Kean, T., McLaren, D., Marsh, C.: Verifying the authenticity of chip designs with the designtag system. In: HOST 2008, pp. 59–64. IEEE Computer Society (2008)Google Scholar
  17. 17.
    Kiamilev, F., Hoover, R.: Demonstration of hardware Trojans (2008)Google Scholar
  18. 18.
    King, S.T., Tucek, J., Cozzie, A., Grier, C., Jiang, W., Zhou, Y.: Designing and implementing malicious hardware. In: USENIX workshop on large-scale exploits and emergent threats, LEET 2008, pp. 1–8. USENIX Association (2008)Google Scholar
  19. 19.
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: CRYPTO 1996, volume 1109 of LNCS, pp. 104–113. Springer, Berlin (1996)Google Scholar
  20. 20.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: CRYPTO 1999, volume 1666 of LNCS, pp. 388–397. Springer, Berlin (1999)Google Scholar
  21. 21.
    Lieberman, J.: National security aspects of the global migration of the U.S. semiconductor industry. white paper, Airland Subcommittee, US Senate Armed Services Committee (2003). http://lieberman.senate.gov/documents/whitepapers/semiconductor.pdf
  22. 22.
    Lin, L., Kasper, M., Güneysu, T., Paar, C., Burleson, W.: Trojan side-channels: lightweight hardware Trojans through side-channel engineering. In: CHES 2009, volume 5747 of LNCS, pp. 382–395. Springer, Berlin (2009)Google Scholar
  23. 23.
    Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: revealing the secrets of smart cards. Springer, Berlin (2007)Google Scholar
  24. 24.
    Messerges, T., Dabbish, E., Sloan, R.: Power analysis attacks of modular exponentiation in smartcards. In: CHES 1999, number 1717 in LNCS, p. 144. Springer, New York (1999)Google Scholar
  25. 25.
    Moradi, A., Barenghi, A., Kasper, T., Paar, C.: On the vulnerability of FPGA bitstream encryption against power analysis attacks—extracting keys from Xilinx Virtex-II FPGAs. In: The 18th ACM conference on computer and communications security, CCS 2011. ACM 2011 (to appear, a draft version is available in Cryptology ePrint Archive, Report 2011/390). http://eprint.iacr.org/
  26. 26.
    Narayan, N., Newbould, R.D., Carothers, J.D., Rodriguez, J.J., Holman, W.T.: IP protection for VLSI designs via watermarking of routes. In: ASIC/SOC 2001, pp. 406–410. IEEE (2001)Google Scholar
  27. 27.
    Nohl, K., Evans, D., Starbug, Plötz, H.: Reverse-engineering a cryptographic RFID Tag. In: USENIX security symposium, pp. 185–194. USENIX Association (2008)Google Scholar
  28. 28.
    Oliveira, A.L.: Techniques for the creation of digital watermarks in sequentialcircuit designs. IEEE Trans. CAD of Integr. Circuits Syst. 20(9), 1101–1117 (2001)Google Scholar
  29. 29.
    Oswald, D., Paar, C.: Breaking Mifare DESFire MF3ICD40: power analysis and templates in the real world. In: CHES 2011, LNCS. Springer, Berlin (2011, to appear)Google Scholar
  30. 30.
    Paar, C.: Efficient VLSI architectures for bit-parallel computation in Galois fields. PhD thesis, Institure for Experimental Mathematics, University of Essen, Germany (1994)Google Scholar
  31. 31.
    Torunoglu, I., Charbon, E.: Watermarking-based copyright protection of sequential functions. IEEE J. Solid State Circuits 35(3), 434–440 (2000)CrossRefGoogle Scholar
  32. 32.
    Young, A., Yung, M.: The dark side of “Black-Box” cryptography, or: should we trust capstone? In: CRYPTO 1996, volume 1109 of LNCS, pp. 89–103. Springer, Berlin (1996)Google Scholar
  33. 33.
    Ziener, D., Teich, J.: Power signature watermarking of IP cores for FPGAs. Signal Process. Syst. 51(1), 123–136 (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag 2012

Authors and Affiliations

  • Markus Kasper
    • 1
  • Amir Moradi
    • 1
  • Georg T. Becker
    • 2
  • Oliver Mischke
    • 1
  • Tim Güneysu
    • 1
  • Christof Paar
    • 1
    • 2
  • Wayne Burleson
    • 2
  1. 1.Horst Görtz Institute for IT-SecurityRuhr University BochumBochumGermany
  2. 2.Department of Electrical and Computer EngineeringUniversity of MassachusettsAmherstUSA

Personalised recommendations