Side-Channel Leakage in Masked Circuits Caused by Higher-Order Circuit Effects

  • Zhimin Chen
  • Syed Haider
  • Patrick Schaumont
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)


Hardware masking is a well-known countermeasure against Side-Channel Attacks (SCA). Like many other countermeasures, the side-channel resistance of masked circuits is susceptible to low-level circuit effects. However, no detailed analysis is available that explains how, and to what extent, these low-level circuit effects are causing side-channel leakage. Our first contribution is a unified and consistent analysis to explain how glitches and inter-wire capacitance cause side-channel leakage on masked hardware. Our second contribution is to show that inter-wire capacitance and glitches are causing side-channel leakage of comparable magnitude according to HSPICE simulations. Our third contribution is to confirm our analysis with a successful DPA-attack on a 90nm COMS FPGA implementation of a glitch-free masked AES S-Box. According to existing literature, this circuit would be side-channel resistant, while according to our analysis and measurement, it shows side-channel leakage. Our conclusion is that circuit-level effects, not only glitches, present a practical concern for masking schemes.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  2. 2.
    Chari, S., Jutla, C.S., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A Side-Channel Analysis Resistant Description of the AES S-Box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Mangard, S., Schramm, K.: Pinpointing the Side-channel Leakage of Masked AES Hardware Implementation. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76–90. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)MATHGoogle Scholar
  6. 6.
    Blömer, J., Guajardo, J., Krummel, V.: Provably Secure Masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: Proc. of DATE 2004, pp. 246–251 (2004)Google Scholar
  8. 8.
    Gierlilchs, B.: DPA-resistance without routing constraints? In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 107–120. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Rabaey, J.M., Chanadrakasan, A., Nikolic, B.: Digital Integrated Circuits: A Design Perspective, 2nd edn. Prentice Hall, Englewood Cliffs (2003)Google Scholar
  10. 10.
    Weste, N.H.E., Harris, D.: CMOS VLSI Design: A Circuits and Systems Perspective, 3rd edn. (2005) ISBN: 0-321-14901-7Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Zhimin Chen
    • 1
  • Syed Haider
    • 1
  • Patrick Schaumont
    • 1
  1. 1.Virginia TechBlacksburgUSA

Personalised recommendations