Skip to main content
SpringerLink
Log in

Moving Target and Implementation Diversity Based Countermeasures Against Side-Channel Attacks

  • Conference paper
  • First Online:
Applied Reconfigurable Computing. Architectures, Tools, and Applications (ARC 2021)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12700))

Included in the following conference series:

Abstract

Side-channel attacks (SCAs) are among the major threats to embedded systems’ security, where implementation characteristics of cryptographic algorithms are exploited to extract secret parameters. The most common SCAs take advantage of electromagnetic (EM) leakage or power consumption recorded during device operation by placing an EM probe over the chip or measuring the voltage drop across an internal resistor, respectively. In this work, two SCA countermeasures are presented which address these two types of leakage vectors. The first countermeasure supports implementation diversity and moving target defense, while the second one generates random algorithmic noise. These concepts are implemented using the dynamic partial reconfiguration (DPR) feature of modern FPGA devices. Both of the countermeasures are easily scalable, and the effect of scalability on the area overhead and security strength is presented. We evaluate our design by measuring EM emanations from a state-of-the-art System-on-Chip (SoC) with 16 nm production technology. With the most secure variant, we are able to increase the resistance against Correlation Power Analysis (CPA) by a factor of 95 compared to an unprotected AES implementation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_21

    Chapter  Google Scholar 

  2. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  3. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2

    Chapter  Google Scholar 

  4. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9

    Chapter  Google Scholar 

  5. Bow, I., et al.: Side-channel power resistance for encryption algorithms using implementation diversity. Cryptography 4(2), 13 (2020)

    Article  Google Scholar 

  6. Hettwer, B., Petersen, J., Gehrer, S., Neumann, H., Güneysu, T.: Securing cryptographic circuits by exploiting implementation diversity and partial reconfiguration on FPGAs. In: Design, Automation Test in Europe Conference Exhibition (DATE), Florence, Italy, vol. 2019, pp. 260–263 (2019). https://doi.org/10.23919/DATE.2019.8714801

  7. Xilinx, Partial Reconfiguration Controller v1.3, LogiCORE IP Product Guide, Xilinx, April 2018, vivado Design Suite PG193

    Google Scholar 

  8. Xilinx, Vivado Design Suite User Guide: Partial Reconfiguration, Xilinx, 27 April 2018

    Google Scholar 

  9. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks. Springer, Boston (2007). https://doi.org/10.1007/978-0-387-38162-6

    Book  MATH  Google Scholar 

  10. Mentens, N.: Hiding side-channel leakage through hardware randomization: a comprehensive overview. In: 2017 International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation (SAMOS), Pythagorion, pp. 269–272 (2017). https://doi.org/10.1109/SAMOS.2017.8344639

  11. Nguyen, T.T., Thevenin, M., Mouraud, A., Corre, G., Pasquier, O., Pillement, S.: High-level reliability evaluation of reconfiguration-based fault tolerance techniques. In: IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW). Vancouver, BC, vol. 2018, pp. 202–205 (2018). https://doi.org/10.1109/IPDPSW.2018.00038

  12. Reorda, M.S., Sterpone, L., Ullah, A.: An error-detection and self-repairing method for dynamically and partially reconfigurable systems. IEEE Trans. Comput. 66(6), 1022–1033 (2017). https://doi.org/10.1109/TC.2016.2607749

  13. Mentens, N., Gierlichs, B., Verbauwhede, I.: Power and fault analysis resistance in hardware through dynamic reconfiguration. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 346–362. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_22

    Chapter  Google Scholar 

  14. Güneysu, T., Moradi, A.: Generic side-channel countermeasures for reconfigurable devices. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 33–48. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_3

    Chapter  Google Scholar 

  15. Sasdrich, P., Moradi, A., Mischke, O., Güneysu, T.: Achieving side-channel protection with dynamic logic reconfiguration on modern FPGAs. In: IEEE International Symposium on Hardware Oriented Security and Trust (HOST). Washington, DC, pp. 130–136 (2015). https://doi.org/10.1109/HST.2015.7140251

  16. O’Flynn, C., Chen, Z.: A case study of side-channel analysis using decoupling capacitor power measurement with the OpenADC. In: Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Miri, A., Tawbi, N. (eds.) FPS 2012. LNCS, vol. 7743, pp. 341–356. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37119-6_22

    Chapter  Google Scholar 

  17. Canright, D.: A very compact Rijndael S-box, September 2004. https://www.researchgate.net/publication/235155631_A_Very_Compact_Rijndael_S-box

  18. Villar, J.C.: Opencores 128/192 AES. Accessed 16 Mar 2019. https://opencores.org/projects/systemcaes

  19. Liu, G.: Gaussian Noise Generator (GNG) Verilog IP Core. Accessed 16 Mar 2019. https://github.com/liuguangxi/gng

  20. Lal, V.: LFSR-Random number generator. Accessed 16 Mar 2019. https://opencores.org/projects/lfsr_randgen

  21. verilog code for SINE PWM. Accessed 16 Mar 2019. https://community.intel.com/t5/Intel-Quartus-Prime-Software/verilog-code-for-SINE-PWM/td-p/144210

  22. Simple sine wave generator in VHDL. Accessed 16 Mar 2019. https://vhdlguru.blogspot.com/2010/03/simple-sine-wave-generator-in-vhdl.html

  23. Chami, C.A.: Pseudo random generator Tutorial. Accessed 16 Mar 2019. https://fpgasite.wordpress.com/2016/08/09/pseudo-random-generator-tutorial/

  24. Pseudo random number generator Tutorial. Accessed 16 Mar 2019. http://fpgasite.blogspot.com/2017/04/pseudo-random-generator-tutorial.html

  25. Sasdrich, P., Moradi, A., Güneysu, T.: Hiding higher-order side-channel leakage. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 131–146. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52153-4_8

    Chapter  MATH  Google Scholar 

Download references

Acknowledgements

This work was supported by the German Federal Ministry of Education and Research (BMBF) under Grant 16KIS0610.

Author information

Authors and Affiliations

  1. FZI Research Center for Information Technology, Karlsruhe, Germany

    Nadir Khan & Jürgen Becker

  2. Institute for Information Processing Technology (ITIV), KIT, Karlsruhe, Germany

    Jürgen Becker

  3. Robert Bosch GmbH, Corporate Sector Research, Stuttgart, Germany

    Benjamin Hettwer

Authors
  1. Nadir Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Benjamin Hettwer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jürgen Becker
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nadir Khan .

Editor information

Editors and Affiliations

  1. IRISA, University of Rennes 1, Rennes, France

    Steven Derrien

  2. Friedrich-Alexander-Universität Erlangen-Nürnberg, Erlangen, Germany

    Frank Hannig

  3. INESC-ID, Lisboa, Portugal

    Pedro C. Diniz

  4. ENSSAT, University of Rennes 1, Lannion, France

    Daniel Chillet

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Khan, N., Hettwer, B., Becker, J. (2021). Moving Target and Implementation Diversity Based Countermeasures Against Side-Channel Attacks. In: Derrien, S., Hannig, F., Diniz, P.C., Chillet, D. (eds) Applied Reconfigurable Computing. Architectures, Tools, and Applications. ARC 2021. Lecture Notes in Computer Science(), vol 12700. Springer, Cham. https://doi.org/10.1007/978-3-030-79025-7_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-79025-7_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-79024-0

  • Online ISBN: 978-3-030-79025-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation