Side-Channel Protection by Randomizing Look-Up Tables on Reconfigurable Hardware

Pitfalls of Memory Primitives
  • Pascal Sasdrich
  • Oliver Mischke
  • Amir Moradi
  • Tim Güneysu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9064)

Abstract

Block Memory Content Scrambling (BMS), presented at CHES 2011, enables an effective way of first-order side-channel protection for cryptographic primitives at the cost of a significant reconfiguration time for the mask update. In this work we analyze alternative ways to implement dynamic first-order masking of AES with randomized look-up tables that can reduce this mask update time. The memory primitives we consider in this work include three distributed RAM components (RAM32M, RAM64M, and RAM256X1S) and one BRAM primitive (RAMB8BWER). We provide a detailed study of the area and time overheads of each implementation technique with respect to the operation (encryption) phase as well as the reconfiguration (mask update) phase. We further compare how well each technique prevents first-order side-channel leakage. Our evaluation is based on one of the most general forms of leakage assessment methodology, known as the non-specific t-test. Practical SCA evaluations (using a Spartan-6 FPGA platform) demonstrate that only the BRAM primitive, and none of the distributed RAM elements, can be used to realize an SCA-protected implementation.
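To make the "randomized look-up table" idea concrete, the following added example (not code from the paper) builds a first-order Boolean-masked AES S-box table as a software model: the table stores S[x] ^ m_out at index x ^ m_in, and a "mask update" regenerates the whole table under fresh masks. The byte-wise masking scheme and the helper names are assumptions for illustration; the paper's hardware mapping to distributed RAM and BRAM is not modelled.

```python
import secrets

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (maps 0 to 0, as AES requires)."""
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = gf_mul(r, base)
        base = gf_mul(base, base)
        e >>= 1
    return r

def aes_sbox() -> list[int]:
    """Derive the AES S-box: GF(2^8) inversion followed by the affine transform."""
    table = []
    for x in range(256):
        v = gf_inv(x)
        s = v
        for k in range(1, 5):  # s = v ^ rotl(v,1) ^ rotl(v,2) ^ rotl(v,3) ^ rotl(v,4)
            s ^= ((v << k) | (v >> (8 - k))) & 0xFF
        table.append(s ^ 0x63)
    return table

SBOX = aes_sbox()

def masked_sbox(m_in: int, m_out: int) -> list[int]:
    """Randomized LUT: T[x ^ m_in] = S[x] ^ m_out, so neither x nor S[x] is stored in the clear."""
    t = [0] * 256
    for x in range(256):
        t[x ^ m_in] = SBOX[x] ^ m_out
    return t

def mask_update() -> tuple[int, int, list[int]]:
    """Mask update phase (assumed model): draw fresh masks and rewrite all 256 entries."""
    m_in, m_out = secrets.randbelow(256), secrets.randbelow(256)
    return m_in, m_out, masked_sbox(m_in, m_out)

def check_masking(m_in: int, m_out: int) -> bool:
    """Encryption phase check: looking up a masked input and removing m_out recovers S[x]."""
    t = masked_sbox(m_in, m_out)
    return all(t[x ^ m_in] ^ m_out == SBOX[x] for x in range(256))
```

The cost the abstract refers to is visible in mask_update: every refresh rewrites the full table, which is why the reconfiguration time of the chosen memory primitive matters.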

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Pascal Sasdrich (1)
  • Oliver Mischke (1, 2)
  • Amir Moradi (1)
  • Tim Güneysu (1)
  1. Horst Görtz Institute for IT-Security, Ruhr-Universität Bochum, Bochum, Germany
  2. Infineon Technologies AG, Chip Card and Security Division, Munich, Germany