Advertisement

Combination of Hardware and Software: An Efficient AES Implementation Resistant to Side-Channel Attacks on All Programmable SoC

  • Jingquan Ge
  • Neng Gao
  • Chenyang Tu
  • Ji Xiang
  • Zeyi Liu
  • Jun Yuan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11098)

Abstract

With the rapid development of IoT devices in the direction of multifunction and personalization, All Programmable SoC has been used more and more frequently because of its unrivaled levels of system performance, flexibility, and scalability. On the other hand, this type of SoC faces a growing range of security threats. Among these threats, cache timing attacks and power/elctromagnetic analysis attacks are two considerable ones which have been widely studied. Although many countermeasures have been proposed to resist these two types of attacks, most of them can only withstand a single type but are often incapable when facing multi-type attacks. In this paper, we utilize the special architecture of All Programmable SoC to implement a secure AES encryption scheme which can efficiently resist both cache timing and power/electromagnetic analysis attacks. The AES implementation has a beginning software stage, a middle hardware stage and a final software stage. Operations in software and start/end round of hardware are all randomized, which allow our implementation to withstand two types of attacks. To illustrate the security of the implementation, we conduct the three types of attacks on unprotected software/hardware AES, shuffled software AES and our scheme. Furthermore, we use Test Vector Leakage Assessment (TVLA) to test their security on encryption times and power/electromagnetic traces. The final result indicates that our encryption implementation achieves a high secure level with almost 0.86 times data throughput of the shuffled software AES implementation.

Keywords

All Programmable SoC Side channel attack AES implementation Combination of hardware and software TVLA 

Notes

Acknowledgment

This work was partially supported by National Key R&D Plan No. 2016QY03D0502, and Introducing Outstanding Young Talents Project of IIE, CAS.

References

  1. 1.
    Xilinx: Expanding the All Programmable SoC Portfolio. https://www.xilinx.com/products/silicon-devices/soc.html
  2. 2.
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68697-5_9CrossRefGoogle Scholar
  3. 3.
    Brumley, D., Boneh, D.: Remote timing attacks are practical. In: Proceedings of the 12th USENIX Security Symposium (2003)Google Scholar
  4. 4.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006).  https://doi.org/10.1007/11605805_1CrossRefGoogle Scholar
  5. 5.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_25CrossRefGoogle Scholar
  6. 6.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44709-1_21CrossRefGoogle Scholar
  7. 7.
    Bernstein, D.: Cache-timing attacks on AES (2005). http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
  8. 8.
    Bogdanov, A., Eisenbarth, T., Paar, C., Wienecke, M.: Differential cache-collision timing attacks on AES with applications to embedded CPUs. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 235–251. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-11925-5_17CrossRefGoogle Scholar
  9. 9.
    Weiß, M., Heinz, B., Stumpf, F.: A cache timing attack on AES in virtualization environments. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 314–328. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32946-3_23CrossRefGoogle Scholar
  10. 10.
    Spreitzer, R., Plos, T.: On the applicability of time-driven cache attacks on mobile devices. In: Lopez, J., Huang, X., Sandhu, R. (eds.) NSS 2013. LNCS, vol. 7873, pp. 656–662. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38631-2_53CrossRefGoogle Scholar
  11. 11.
    Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side—channel(s). In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-36400-5_4CrossRefGoogle Scholar
  12. 12.
    Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-28632-5_2CrossRefGoogle Scholar
  13. 13.
    Mangard, S., Pramstaller, N., Oswald, E.: Successfully attacking masked AES hardware implementations. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 157–171. Springer, Heidelberg (2005).  https://doi.org/10.1007/11545262_12CrossRefGoogle Scholar
  14. 14.
    Longo, J., De Mulder, E., Page, D., Tunstall, M.: SoC It to EM: electromagnetic side-channel attacks on a complex system-on-chip. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 620–640. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48324-4_31CrossRefGoogle Scholar
  15. 15.
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_26CrossRefGoogle Scholar
  16. 16.
    Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-45146-4_27CrossRefGoogle Scholar
  17. 17.
    Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529–545. Springer, Heidelberg (2006).  https://doi.org/10.1007/11935308_38CrossRefzbMATHGoogle Scholar
  18. 18.
    Nassar, M., Souissi, Y., Guilley, S., Danger, J.L.: RSM: a small and fast countermeasure for AES, secure against first- and second-order zero-offset SCAs. In: DATE, Dresden, Germany, pp. 1173–1178. IEEE Computer Society (2012)Google Scholar
  19. 19.
    Tunstall, M., Benoit, O.: Efficient use of random delays in embedded software. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J. (eds.) WISTP 2007. LNCS, vol. 4462, pp. 27–38. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-72354-7_3CrossRefGoogle Scholar
  20. 20.
    Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006).  https://doi.org/10.1007/11767480_16CrossRefGoogle Scholar
  21. 21.
    Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 171–188. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-04138-9_13CrossRefzbMATHGoogle Scholar
  22. 22.
    Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-34961-4_44CrossRefGoogle Scholar
  23. 23.
    Patranabis, S., Roy, D.B., Vadnala, P.K., Mukhopadhyay, D., Ghosh, S.: Shuffling across rounds: a lightweight strategy to counter side-channel attacks. In: 2016 IEEE 34th International Conference on Computer Design (ICCD), pp. 440–443. IEEE Computer Society (2016)Google Scholar
  24. 24.
    Xilinx: Zynq-7000 All Programmable SoC Technical Reference Manual (2017). https://china.xilinx.com/support/documentation/user_guides/ug585-Zynq-7000-TRM.pdf
  25. 25.
    National Institute of Standards and Technology (NIST): Advanced Encryption Standard (2001). http://www.itl.nist.gov/fipspubs/
  26. 26.
    Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side channel cryptanalysis of product ciphers. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 97–110. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0055858CrossRefGoogle Scholar
  27. 27.
    Moradi, A., Mischke, O., Eisenbarth, T.: Correlation-enhanced power analysis collision attack. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 125–139. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-15031-9_9CrossRefGoogle Scholar
  28. 28.
    Schneider, T., Moradi, A.: Leakage assessment methodology. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 495–513. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48324-4_25CrossRefGoogle Scholar
  29. 29.
    Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side channel resistance validation. In: NIST Non-Invasive Attack Testing Workshop (2011). http://csrc.nist.gov/news_events/non-invasive-attack-testing-workshop/papers/08_Goodwill.pdf
  30. 30.
    Arm Limited: ARM Cortex-A9 Technical Reference Manual (Revision r4p1) (2016). https://static.docs.arm.com/100511/0401/arm_cortexa9_trm_100511_0401_10_en.pdf

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Jingquan Ge
    • 1
    • 2
    • 3
  • Neng Gao
    • 2
    • 3
  • Chenyang Tu
    • 2
    • 3
  • Ji Xiang
    • 2
    • 3
  • Zeyi Liu
    • 2
    • 3
  • Jun Yuan
    • 1
    • 2
    • 3
  1. 1.School of Cyber SecurityUniversity of Chinese Academy of SciencesBeijingChina
  2. 2.State Key Laboratory of Information Security, Institute of Information EngineeringCASBeijingChina
  3. 3.DACAS, CASBeijingChina

Personalised recommendations