Path switching: a technique to tolerate dual rail routing imbalances

Abstract

Dual Rail Precharge (DRP) circuits, which are theoretically secure against differential power analysis attacks, suffer from an implementation problem: balancing the routing capacitance of differential signals. To solve this, four proposals have been put forward: Divided Wave Dynamic Differential Logic (DWDDL) (Tiri and Verbauwhede in DATE ’04, pp. 246–251, 2004), FatWire (Tiri and Verbauwhede in Cardis 2004, pp. 143–158, 2004), Backend Duplication (Guilley et al. in Lecture Notes in Computer Science, vol. 3659, pp. 383–397, 2005) and Three Phase Dual Rail (Bucci et al. in Lecture Notes in Computer Science, vol. 4249, pp. 232–241, 2006). Of these, three proposals (DWDDL, FatWire, Backend Duplication) alter the routing mechanism of Standard Place and Route tools, which in turn introduces an additional step. The other proposal introduces a third phase, which reduces the system’s performance. In this paper we propose a new countermeasure, Path Switching, to address the routing problem in DRP circuits. From SPICE simulations we show that our proposal does not reveal the secret key for up to 300,000 traces, an increase of 75 times over normal Dual Rail circuits and 3000 times over normal single rail circuits.


References

  1. Tiri K, Verbauwhede I (2004) A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In: DATE ’04: proceedings of the conference on design, automation and test in Europe. IEEE Computer Society, Washington, pp 246–251

  2. Tiri K, Verbauwhede I (2004) Place and route for secure standard cell design. In: 6th international conference on smart card research and advanced applications (CARDIS 2004), August 2004, pp 143–158

  3. Guilley S, Hoogvorst P, Mathieu Y, Pacalet R (2005) The backend duplication method. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES 2005), proceedings of the 7th international workshop, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 383–397

  4. Bucci M, Giancane L, Luzzi R, Trifiletti A (2006) Three-phase dual-rail pre-charge logic. In: Goubin L, Matsui M (eds) Cryptographic hardware and embedded systems (CHES 2006). Lecture notes in computer science, vol 4249. Springer, Berlin, pp 232–241

  5. Ravi S, Raghunathan A, Kocher P, Hattangady S (2004) Security in embedded systems: design challenges. Trans Embed Comput Syst 3(3):461–491

  6. Kocher PC, Jaffe J, Jun B (1999) Differential power analysis. In: CRYPTO ’99: proceedings of the 19th annual international cryptology conference on advances in cryptology. Springer, London, pp 388–397

  7. Benini L, Macii A, Macii E, Omerbegovic E, Pro F, Poncino M (2003) Energy-aware design techniques for differential power analysis protection. In: DAC ’03: proceedings of the 40th conference on design automation. ACM, New York, pp 36–41

  8. Bucci M, Guglielmo M, Luzzi R, Trifiletti A (2004) A power consumption randomization countermeasure for DPA-resistant cryptographic processors. In: Integrated circuit and system design. Power and timing modeling, optimization and simulation, proceedings of the 14th international workshop, PATMOS 2004. Lecture notes in computer science, vol 3254. Springer, Berlin, pp 481–490

  9. Pramstaller N, Oswald E, Mangard S, Gürkaynak FK, Haene S (2004) A masked AES ASIC implementation. In: Ofner E, Ley M (eds) Proceedings of Austrochip 2004, Villach, Austria, October 2004, pp 77–82

  10. Popp T, Mangard S (2005) Masked dual-rail pre-charge logic: DPA-resistance without routing constraints. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES 2005), proceedings of the 7th international workshop, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 172–186

  11. Sokolov D, Murphy J, Bystrov A, Yakovlev A (2005) Design and analysis of dual-rail circuits for security applications. IEEE Trans Comput 54(4):449–460

  12. Tiri K, Verbauwhede I (2003) Securing encryption algorithms against DPA at the logic level: next generation smart card technology. In: CHES, pp 125–136

  13. Trichina E, Korkishko T, Lee KH (2004) Small size, low power, side channel-immune AES coprocessor: design and synthesis results. In: Dobbertin H, Rijmen V, Sowa A (eds) Advanced encryption standard (AES), 4th international conference, AES 2004, Bonn, Germany, May 10–12, 2004. Lecture notes in computer science, vol 3373. Springer, Berlin, pp 113–127

  14. Mangard S, Popp T, Gammel BM (2005) Side-channel leakage of masked CMOS gates. In: Topics in cryptology CT-RSA 2005. Lecture notes in computer science, vol 3376. Springer, Berlin, pp 351–365

  15. Mangard S, Pramstaller N, Oswald E (2005) Successfully attacking masked AES hardware implementations. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES) 2005, proceedings of 7th international workshop, Edinburgh, Scotland, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 157–171

  16. Popp T, Mangard S (2006) Implementation aspects of the DPA-resistant logic style MDPL. In: Proceedings of the international symposium on circuits and systems (ISCAS 2006), Island of Kos, Greece, May 21–24, 2006. IEEE Computer Society, New York, pp 2913–2916. ISBN 0-7803-9390-2

  17. Tiri K, Verbauwhede I (2005) Prototype IC with WDDL and differential routing DPA resistance assessment. In: Rao JR, Sunar B (eds) Cryptographic hardware and embedded systems (CHES 2005), proceedings of the 7th international workshop, August 29–September 1, 2005. Lecture notes in computer science, vol 3659. Springer, Berlin, pp 354–365

  18. Synopsys, Inc (2006) Nanosim user guide, April 2006. http://www.synopsys.com

  19. Örs SB, Gürkaynak FK, Oswald E, Preneel B (2004) Power-analysis attack on an ASIC AES implementation. In: ITCC ’04: proceedings of the international conference on information technology: coding and computing, vol 2. IEEE Computer Society, Washington, p 546

  20. Guiney M, Leavitt E (2006) An introduction to openaccess: an open source data model and API for IC design. In: ASP-DAC ’06: proceedings of the 2006 conference on Asia South Pacific design automation. ACM, New York, pp 434–436

Author information

Corresponding author

Correspondence to Karthik Baddam.

About this article

Cite this article

Baddam, K., Zwolinski, M. Path switching: a technique to tolerate dual rail routing imbalances. Des Autom Embed Syst 12, 207–220 (2008). https://doi.org/10.1007/s10617-008-9017-z

Keywords

  • DPA
  • Smart card security
  • Dual rail circuit
  • Path switching