Implementation and Evaluation of an SCA-Resistant Embedded Processor

  • Stefan Tillich
  • Mario Kirschbaum
  • Alexander Szekely
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7079)


Side-channel analysis (SCA) attacks are a threat for many embedded applications which have a need for security. With embedded processors being at the very heart of such applications, it is desirable to address SCA attacks with countermeasures which “naturally” fit deployment in those processors. This paper describes our work in implementing one such protection concept in an ASIC prototype and our results from a practical evaluation of its security. We are able to demonstrate that the basic principle of limiting the “leaking” portion of the processor works rather well to reduce the side-channel leakage. From this result we can draw valuable conclusions for future embedded processor design. In order to minimize the remaining leakage, the security concept calls for the application of a secure logic style. We used two concrete secure logic styles (iMDPL and DWDDL) in order to demonstrate this increase in security. Unfortunately, neither of these logic styles seems to do a particularly good job as we were still able to attribute SCA leakage to the secure-logic part of the processor. If a better suited logic style can be employed we believe that the overall leakage of the processor can be further reduced. Thus we deem the evaluated security concept as a viable method for protecting embedded processors.


Side-channel analysis SCA countermeasures embedded processors iMDPL DWDDL 


  1. 1.
    Ambrose, J.A., Parameswaran, S., Ignjatovic, A.: MUTE-AES: A Multiprocessor Architecture to prevent Power Analysis based Side Channel Attack of the AES Algorithm. In: IEEE/ACM International Conference on Computer-Aided Design (ICCAD) 2008, pp. 678–684. IEEE (2008)Google Scholar
  2. 2.
    Barthe, L., Benoit, P., Torres, L.: Investigation of a Masking Countermeasure against Side-Channel Attacks for RISC-based Processor Architectures. In: 2010 International Conference on Field Programmable Logic and Applications, pp. 139–144. IEEE Computer Society (2010)Google Scholar
  3. 3.
    Faraday Technology Corporation. Faraday FSA0A_C 0.18 μm ASIC Standard Cell Library (2004), Details,
  4. 4.
    Gaisler Research. GRLIB IP Library User’s Manual. Version 1.1.0 B4100 (October 2010)
  5. 5.
    Kirschbaum, M., Popp, T.: Evaluation of a DPA-Resistant Prototype Chip. In: 25th Annual Computer Security Applications Conference (ACSAC 2009), Honolulu, Hawaii, USA, December 7-11 (2009)Google Scholar
  6. 6.
    Kumar, S.S., Paar, C., Pelzl, J., Pfeiffer, G., Rupp, A., Schimmler, M.: How to Break DES for 8,980. In: Workshop on Special-purpose Hardware for Attacking Cryptographic Systems - SHARCS 2006, Cologne, Germany, April 3-4 (2006)Google Scholar
  7. 7.
    Kumar, S., Paar, C., Pelzl, J., Pfeiffer, G., Schimmler, M.: Breaking Ciphers with COPACOBANA –A Cost-Optimized Parallel Code Breaker. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 101–118. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks – Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007) ISBN 978-0-387-30857-9MATHGoogle Scholar
  9. 9.
    Mangard, S., Popp, T., Gammel, B.M.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Mangard, S., Pramstaller, N., Oswald, E.: Successfully Attacking Masked AES Hardware Implementations. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 157–171. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    May, D., Muller, H.L., Smart, N.P.: Non-deterministic Processors. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 115–129. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Nakatsu, D., Li, Y., Sakiyama, K., Ohta, K.: Combination of SW Countermeasure and CPU Modification on FPGA against Power Analysis. In: Chung, Y., Yung, M. (eds.) WISA 2010. LNCS, vol. 6513, pp. 258–272. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  13. 13.
    Alfke, P.: Xilinx Application note on Shift Registers and LFSR counters (July 1996),
  14. 14.
    Popp, T., Kirschbaum, M., Zefferer, T., Mangard, S.: Evaluation of the Masked Logic Style MDPL on a Prototype Chip. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 81–94. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  15. 15.
    Popp, T., Mangard, S.: Masked Dual-Rail Pre-charge Logic: DPA-Resistance Without Routing Constraints. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 172–186. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Regazzoni, F., Cevrero, A., Standaert, F.-X., Badel, S., Kluter, T., Brisk, P., Leblebici, Y., Ienne, P.: A Design Flow and Evaluation Framework for DPA-Resistant Instruction Set Extensions. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 205–219. Springer, Heidelberg (2009) ISBN 978-3-642-04137-2CrossRefGoogle Scholar
  17. 17.
    Schaumont, P., Tiri, K.: Masking and Dual-Rail Logic Don’t Add Up. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 95–106. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    Suzuki, D., Saeki, M.: Security Evaluation of DPA Countermeasures Using Dual-Rail Pre-charge Logic Style. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 255–269. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Tillich, S., Großschädl, J.: Power Analysis Resistant AES Implementation with Instruction Set Extensions. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 303–319. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  20. 20.
    Tillich, S., Kirschbaum, M., Szekely, A.: SCA-Resistant Embedded Processors—The Next Generation. In: 26th Annual Computer Security Applications Conference (ACSAC 2010), Austin, Texas, USA, December 6-10, pp. 211–220. ACM (2010)Google Scholar
  21. 21.
    Tiri, K., Schaumont, P.: Changing the Odds Against Masked Logic. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 134–146. Springer, Heidelberg (2007), CrossRefGoogle Scholar
  22. 22.
    Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: 2004 Design, Automation and Test in Europe Conference and Exposition (DATE 2004), Paris, France, February 16-20, vol. 1, pp. 246–251. IEEE Computer Society (2004) ISBN 0-7695-2085-5Google Scholar
  23. 23.
    Yu, P., Schaumont, P.: Secure FPGA circuits using controlled placement and routing. In: Proceedings of the 5th IEEE/ACM International Conference on Hardware/Software Codesign and System Synthesis, Salzburg, Austria, September 30 - October 5, pp. 45–50. ACM Press (2007) ISBN 978-1-59593-824-4Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Stefan Tillich
    • 1
  • Mario Kirschbaum
    • 2
  • Alexander Szekely
    • 2
  1. 1.Computer Science DepartmentUniversity of BristolBristolUK
  2. 2.Institute for Applied Information Processing and CommunicationsGraz University of TechnologyGrazAustria

Personalised recommendations