Generic Side-Channel Countermeasures for Reconfigurable Devices

  • Tim Güneysu
  • Amir Moradi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6917)

Abstract

In this work, we propose and evaluate generic hardware countermeasures against DPA attacks for recent FPGA devices. The proposed set of FPGA-specific countermeasures can be combined to resist a large variety of first-order DPA attacks, even with 100 million recorded power traces. This set includes generic and resource-efficient countermeasures for on-chip noise generation, random-data processing delays and S-box scrambling using dual-ported block memories. In particular, it is possible to build many of these countermeasures into a single IP-core or hard macro that then provides basic protection for any cryptographic implementation simply by its inclusion in the design process, which is particularly useful for engineers with little or no background in security and side-channel attacks.


Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Tim Güneysu (1)
  • Amir Moradi (1)
  1. Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany
