Design Automation for Embedded Systems

, Volume 12, Issue 3, pp 207–220 | Cite as

Path switching: a technique to tolerate dual rail routing imbalances

Article

Abstract

Dual Rail Precharge (DRP) circuits, which are theoretically secure against differential power analysis attacks, suffer from an implementation problem: balancing the routing capacitance of differential signals. To solve this, four proposals have been put forward: Divided Wave Dynamic Differential Logic (DWDDL) (Tiri and Verbauwhede in DATE ’04, pp. 246–251, [2004]), FatWire (Tiri and Verbauwhede in Cardis 2004, pp. 143–158, [2004]), Backend Duplication (Guilley et al. in Lecture Notes in Computer Science, vol. 3659, pp. 383–397, [2005]) and Three Phase Dual Rail (Bucci et al. in Lecture Notes in Computer Science, vol. 4249, pp. 232–241, [2006]). Of these, three (DWDDL, FatWire, Backend Duplication) proposals alter the routing mechanism of Standard Place and Route tools, which in turn introduces an additional step. The other proposal introduces a third phase which reduces the system’s performance. In this paper we propose a new countermeasure, Path Switching, to address the routing problem in DRP circuits. From SPICE simulations we show that our proposal does not reveal the secret key for up to 300,000 traces, an increase of 75 times over normal Dual Rail circuits and 3000 times over normal single rail circuits.

Keywords

DPA Smart card security Dual rail circuit Path switching 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Tiri K, Verbauwhede I (2004) A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In: DATE ’04: proceedings of the conference on design, automation and test in Europe. IEEE Computer Society, Washington, pp 246–251 CrossRefGoogle Scholar
  2. 2.
    Tiri K, Verbauwhede I (2004) Place and route for secure standard cell design. In: 6th international conference on smart card research and advanced applications (CARDIS 2004), August 2004, pp 143–158 Google Scholar
  3. 3.
    Guilley S, Hoogvorst P, Mathieu Y, Pacalet R (2005) The backend duplication method. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES 2005), proceedings of the 7th international workshop, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 383–397 CrossRefGoogle Scholar
  4. 4.
    Bucci M, Giancane L, Luzzi R, Trifiletti A (2006) Three-phase dual-rail pre-charge logic. In: Goubin L, Matsui M (eds) Cryptographic hardware and embedded systems (CHES 2006). Lecture notes in computer science, vol 4249. Springer, Berlin, pp 232–241 CrossRefGoogle Scholar
  5. 5.
    Ravi S, Raghunathan A, Kocher P, Hattangady S (2004) Security in embedded systems: design challenges. Trans Embed Comput Syst 3(3):461–491 CrossRefGoogle Scholar
  6. 6.
    Kocher PC, Jaffe J, Jun B (1999) Differential power analysis. In: CRYPTO ’99: proceedings of the 19th annual international cryptology conference on advances in cryptology. Springer, London, pp 388–397 Google Scholar
  7. 7.
    Benini L, Macii A, Macii E, Omerbegovic E, Pro F, Poncino M (2003) Energy-aware design techniques for differential power analysis protection. In: DAC ’03: proceedings of the 40th conference on design automation. ACM, New York, pp 36–41 CrossRefGoogle Scholar
  8. 8.
    Bucci M, Guglielmo M, Luzzi R, Trifiletti A (2004) A power consumption randomization countermeasure for DPA-resistant cryptographic processors. In: Integrated circuit and system design. Power and timing modeling, optimization and simulation, proceedings of the 14th international workshop, PATMOS 2004. Lecture notes in computer science, vol 3254. Springer, Berlin, pp 481–490 Google Scholar
  9. 9.
    Pramstaller N, Oswald E, Mangard S, Gürkaynak FK, Haene S (2004) A masked AES ASIC implementation. In: Ofner E, Ley M (eds) Proceedings of Austrochip 2004, Villach, Austria, October 2004, pp 77–82 Google Scholar
  10. 10.
    Popp T, Mangard S (2005) Masked dual-rail pre-charge logic: DPA-resistance without routing constraints. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES 2005), proceedings of the 7th international workshop, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 172–186 CrossRefGoogle Scholar
  11. 11.
    Sokolov D, Murphy J, Bystrov A, Yakovlev A (2005) Design and analysis of dual-rail circuits for security applications. IEEE Trans Comput 54(4):449–460 CrossRefGoogle Scholar
  12. 12.
    Tiri K, Verbauwhede I (2003) Securing encryption algorithms against DPA at the logic level: next generation smart card technology. In: CHES, pp 125–136 Google Scholar
  13. 13.
    Trichina E, Korkishko T, Lee KH (2004) Small size, low power, side channel-immune AES coprocessor: design and synthesis results. In: Dobbertin H, Rijmen V, Sowa A (eds) Advanced encryption standard (AES), 4th international conference, AES 2004, Bonn, Germany, May 10–12, 2004. Lecture notes in computer science, vol 3373. Springer, Berlin, pp 113–127 Google Scholar
  14. 14.
    Mangard S, Popp T, Gammel BM (2005) Side-channel leakage of masked CMOS gates. In: Topics in cryptology CT-RSA 2005. Lecture notes in computer science, vol 3376. Springer, Berlin, pp 351–365 Google Scholar
  15. 15.
    Mangard S, Pramstaller N, Oswald E (2005) Successfully attacking masked AES hardware implementations. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES) 2005, proceedings of 7th international workshop, Edinburgh, Scotland, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 157–171 CrossRefGoogle Scholar
  16. 16.
    Popp T, Mangard S (2006) Implementation aspects of the DPA-resistant logic style MDPL. In: Proceedings of the international symposium on circuits and systems (ISCAS 2006), Island of Kos, Greece, May 21–24, 2006. IEEE Computer Society, New York, pp 2913–2916. ISBN 0-7803-9390-2 CrossRefGoogle Scholar
  17. 17.
    Tiri K, Verbauwhede I (2005) Prototype IC with WDDL and differential routing DPA resistance assessment. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES 2005), proceedings of the 7th international workshop, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 354–365 CrossRefGoogle Scholar
  18. 18.
    Synopsys, Inc (2006) Nanosim user guide, April 2006. http://www.synopsys.com
  19. 19.
    Örs SB, Gürkaynak FK, Oswald E, Preneel B (2004) Power-analysis attack on an ASIC AES implementation. In: ITCC ’04: proceedings of the international conference on information technology: coding and computing, vol 2. IEEE Computer Society, Washington, p 546 CrossRefGoogle Scholar
  20. 20.
    Guiney M, Leavitt E (2006) An introduction to openaccess: an open source data model and API for IC design. In: ASP-DAC ’06: proceedings of the 2006 conference on Asia South Pacific design automation. ACM, New York, pp 434–436 CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2008

Authors and Affiliations

  1. 1.Electronics Systems and Devices Group, School of Electronics and Computer ScienceUniversity of SouthamptonSouthamptonUK

Personalised recommendations