Masking at Gate Level in the Presence of Glitches

  • Wieland Fischer
  • Berndt M. Gammel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3659)

Abstract

It has recently been shown that logic circuits in the implementation of cryptographic algorithms, although protected by “secure” random masking schemes, leak side-channel information, which can be exploited in differential power attacks [14]. The leak is due to the fact that the mathematical models describing the gates neglected multiple switching of the outputs of the gates in a single clock cycle. This effect, however, is typical for CMOS circuits and known as glitching. Hence several currently known masking schemes are not secure in theory or practice. Solutions for DPA secure circuits based on logic styles which do not show glitches have several disadvantages in practice. In this paper, we refine the model for the power consumption of CMOS gates taking into account the side-channel of glitches. It is shown that for a general class of gate-level masking schemes a universal set of masked gates does not exist. However, there is a family of masked gates which is theoretically secure in the presence of glitches if certain practically controllable implementation constraints are imposed. This set of gates should be suitable for automated CMOS circuit synthesis.
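As an added illustration, not code from the paper (whose refined power model and gate constructions are not reproduced here), the model below counts output transitions of a masked AND gate in two ways: evaluated once per clock cycle, and re-evaluated after every single input arrival so that multiple switching (glitches) is counted. The sum-of-products gate function, the zero-delay re-evaluation and the uniformly random arrival order are assumptions of this example; the exact mean shows why the glitch-free model looks secure while the glitch-aware one does not.

```python
from fractions import Fraction
from itertools import permutations, product

WIRES = ("am", "bm", "ma", "mb", "mq")  # masked a, masked b, masks, output mask


def masked_and(am, bm, ma, mb, mq):
    """Masked AND, an assumed sum-of-products gate function: returns
    (a AND b) XOR mq for am = a XOR ma, bm = b XOR mb without ever forming
    the unmasked a, b or a AND b as an intermediate term."""
    return (am & bm) ^ (am & mb) ^ (ma & bm) ^ (ma & mb) ^ mq


def count_transitions(old, new, order):
    """Output toggles while the inputs settle one wire at a time in `order`.
    Zero-delay model: after each wire switches from its old to its new value
    the output is re-evaluated, so it may toggle several times per cycle."""
    state = dict(old)
    toggles, prev = 0, masked_and(**state)
    for wire in order:
        state[wire] = new[wire]
        cur = masked_and(**state)
        toggles += cur != prev
        prev = cur
    return toggles


def mean_transitions(a, b, glitches):
    """Exact mean number of output transitions for unmasked inputs (a, b),
    averaged over every previous input state, every fresh mask triple and,
    with glitches, every arrival order of the five wires. Without glitches
    the output is evaluated once, after all inputs have arrived."""
    total = cases = 0
    for old_bits in product((0, 1), repeat=5):
        old = dict(zip(WIRES, old_bits))
        for ma, mb, mq in product((0, 1), repeat=3):
            new = {"am": a ^ ma, "bm": b ^ mb, "ma": ma, "mb": mb, "mq": mq}
            if glitches:
                for order in permutations(WIRES):
                    total += count_transitions(old, new, order)
                    cases += 1
            else:  # glitch-free: a single evaluation per clock cycle
                total += masked_and(**old) != masked_and(**new)
                cases += 1
    return Fraction(total, cases)


if __name__ == "__main__":  # prints 1/2 for every (a, b) vs 7/6, 3/2, 3/2, 11/6
    for a, b in product((0, 1), repeat=2):
        print(a, b, mean_transitions(a, b, False), mean_transitions(a, b, True))
```

In the glitch-free model the mean is 1/2 for every (a, b), so the masked output reveals nothing; once every arrival is re-evaluated the mean becomes 7/6 + (a + b)/3, so the transition count, and hence the power consumption it models, depends on the unmasked inputs.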

Keywords

Cryptanalysis, side-channel attacks, power analysis, DPA, digital circuits, logic circuits, masking, random masking, masked logic circuits, glitches

References

  1. Akkar, M.-L., Bevan, R., Goubin, L.: Two Power Analysis Attacks against One-Mask Methods. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 332–347. Springer, Heidelberg (2004)
  2. Akkar, M.-L., Giraud, C.: An Implementation of DES and AES, Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)
  3. Blömer, J., Guajardo, J., Krummel, V.: Provably Secure Masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004)
  4. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)
  5. Clavier, C., Coron, J.-S., Dabbous, N.: Differential Power Analysis in the Presence of Hardware Countermeasures. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000)
  6. Coron, J.-S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)
  7. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)
  8. Golić, J.D., Menicocci, R.: Universal Masking on Logic Gate Level. Electronics Letters 40(9), 526–527 (2004)
  9. Goubin, L., Patarin, J.: DES and Differential Power Analysis – The Duplication Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)
  10. Ishai, Y., Sahai, A., Wagner, D.: Private Circuits: Securing Hardware against Probing Attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003)
  11. Klug, F., Kniffler, O., Gammel, B.M.: Rechenwerk und Verfahren zum Ausführen einer arithmetischen Operation mit verschlüsselten Operanden (Arithmetic unit and method for performing an arithmetic operation on encrypted operands). German Patent DE 10201449 C1 (January 16, 2002)
  12. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
  13. Mangard, S.: Hardware Countermeasures against DPA – A Statistical Analysis of Their Effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222–235. Springer, Heidelberg (2004)
  14. Mangard, S., Popp, T., Gammel, B.M.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005)
  15. Messerges, T.S.: Securing the AES Finalists Against Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)
  16. Messerges, T.S., Dabbish, E.A., Puhl, L.: Method and Apparatus for Preventing Information Leakage Attacks on a Microelectronic Assembly. US Patent 6,295,606 (September 25, 2001), available at http://www.uspto.gov/
  17. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power Analysis Attacks of Modular Exponentiation in Smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999)
  18. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)
  19. Rabaey, J.M.: Digital Integrated Circuits. Prentice-Hall, Englewood Cliffs (1996), ISBN 0-13-178609-1
  20. Shamir, A.: Protecting Smart Cards from Passive Power Analysis with Detached Power Supplies. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 71–77. Springer, Heidelberg (2000)
  21. Tiri, K., Verbauwhede, I.: Securing Encryption Algorithms against DPA at the Logic Level: Next Generation Smart Card Technology. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 137–151. Springer, Heidelberg (2003)
  22. Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: Proc. of Design, Automation and Test in Europe Conference – DATE 2004, pp. 246–251. IEEE Computer Society, Los Alamitos (2004)
  23. Trichina, E.: Combinational Logic Design for AES SubByte Transformation on Masked Data. Cryptology ePrint Archive, Report 2003/236, available at http://eprint.iacr.org/

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Wieland Fischer, Infineon Technologies AG, Munich, Germany
  • Berndt M. Gammel, Infineon Technologies AG, Munich, Germany