A Design Methodology for a DPA-Resistant Cryptographic LSI with RSL Techniques

  • Minoru Saeki
  • Daisuke Suzuki
  • Koichi Shimizu
  • Akashi Satoh
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5747)


A design methodology of Random Switching Logic (RSL) using CMOS standard cell libraries is proposed to counter power analysis attacks against cryptographic hardware modules. The original RSL proposed in 2004 requires a unique RSL-gate for random data masking and glitch suppression to prevent secret information leakage through power traces. However, our new methodology enables to use general logic gates supported by standard cell libraries. In order to evaluate its practical performance in hardware size and speed as well as resistance against power analysis attacks, an AES circuit with the RSL technique was implemented as a cryptographic LSI using a 130-nm CMOS standard cell library. From the results of attack experiments that used a million traces, we confirmed that the RSL-AES circuit has very high DPA and CPA resistance thanks to the contributions of both the masking function and the glitch suppressing function. This is the first result demonstrating reduction of the side-channel leakage by glitch suppression quantitatively on real ASIC.


  1. 1.
    Kocher, P.C.: Timing Attacks on Implementations of Diffe-Hellmann, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  2. 2.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Suzuki, D., Saeki, M., Ichikawa, T.: Random Switching Logic: A Countermeasure against DPA based on Transition Probability. Cryptology ePrint Archive, Report 2004/346 (2004)Google Scholar
  4. 4.
    Suzuki, D., Saeki, M., Ichikawa, T.: Random Switching Logic: A New Countermeasure against DPA and Second-Order DPA at the Logic Level. IEICE Trans. Fundamentals E90-A(1), 160–168 (2007)CrossRefGoogle Scholar
  5. 5.
    Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Waddle, J., Wagner, D.: Towards Efficient Second-Order Power Analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Tiri, K., Schaumont, P.: Changing the Odds against Masked Logic. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 134–146. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Tiri, K., Schaumont, P.: Masking and Dual-Rail Logic Don’t Add Up. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 95–106. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: Design, Automation and Test in Europe Conference (DATE 2004), pp. 246–251 (2004)Google Scholar
  10. 10.
  11. 11.
    Mangard, S., Popp, T., Gammel, B.M.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Suzuki, D., Saeki, M., Ichikawa, T.: DPA Lekage Models for CMOS Logic Circuits. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 366–382. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Satoh, A., Morioka, S., Takano, K., Munetoh, S.: A Compact Rijndael Hardware Architecture with S-Box Optimization. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 239–254. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Cryptographic Hardware Project: Project Webpage, http://www.aoki.ecei.tohoku.ac.jp/crypto/web/cores.html
  15. 15.
    Tiri, K., Hwang, D., Hojat, A., Lai, B., Yang, S., Schaumont, P., Verbauwhede, I.: Prototype IC with WDDL and Differential Routing - DPA Resistance Assessment. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 354–365. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Side-channel Attack Standard Evaluation Board (SASEBO) Webpage, http://www.rcis.aist.go.jp/special/SASEBO/index-en.html
  17. 17.
    Brier, E., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  18. 18.
    Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Investigations of Power Analysis Attacks on Smartcards. In: USENIX 1999 (1999), http://www.usenix.org/
  19. 19.
    Bevan, R., Knudsen, R.: Ways to enhance differential power analysis. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 327–342. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Suzuki, D., Saeki, M., Matsumoto T.: Self-Contained Template Attack: How to Detect Weak Bits for Power Analysis without Reference Devices. In: SCIS 2009, 1A1-2 (2009) (in Japanese)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Minoru Saeki
    • 1
  • Daisuke Suzuki
    • 1
    • 2
  • Koichi Shimizu
    • 1
  • Akashi Satoh
    • 3
  1. 1.Information Technology R&D CenterMitsubishi Electric CorporationKamakura KanagawaJapan
  2. 2.Graduate School of Environmental and Information SciencesYokohama National UniversityYokohama KanagawaJapan
  3. 3.Research Center for Information SecurityNational Institute of Advanced Industrial Science and Technology (AIST) ChiyodaTokyoJapan

Personalised recommendations