SCA-Resistance for AES: How Cheap Can We Go?

  • Ricardo Chaves
  • Łukasz Chmielewski
  • Francesco Regazzoni
  • Lejla Batina
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10831)

Abstract

This paper introduces a novel AES structure capable of improving the robustness against power analysis attacks while allowing for a very compact structure with a potentially negligible area and performance impact. The proposed design is based on a low entropy masking scheme, where half of the time the true value and half of the time the complemented value are used to mask the power consumption variation. The obtained experimental results suggest that the area overhead for the protection against power analysis is as low as 5% LUT increase with a performance degradation of about 10%. When compared with the state of the art supported on FPGAs, efficiency improvements above 6 times and a throughput improvement of at least two times higher are achieved.

Notes

Acknowledgements

This work was partially supported by national funds through Fundação para a Ciência e a Tecnologia (FCT) with reference UID/CEC/50021/2013 and upon work from COST Action IC1403 CRYPTACUS, supported by COST (European Cooperation in Science and Technology).

References

  1. 1.
    Becker, G., Cooper, J., DeMulder, E., Goodwill, G., Jaffe, J., Kenworthy, G., Kouzminov, T., Leiserson, A., Marson, M., Rohatgi, P., Saab, S.: Test vector leakage assessment (TVLA) methodology in practice. In: International Cryptographic Module Conference, vol. 1001, p. 13 (2013)Google Scholar
  2. 2.
    Canright, D.: A very compact S-box for AES. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 441–455. Springer, Heidelberg (2005).  https://doi.org/10.1007/11545262_32CrossRefGoogle Scholar
  3. 3.
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_26Google Scholar
  4. 4.
    Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-36400-5_3CrossRefGoogle Scholar
  5. 5.
    Chaves, R., Kuzmanov, G., Vassiliadis, S., Sousa, L.: Reconfigurable memory based AES co-processor. In: 20th International Parallel and Distributed Processing Symposium 2006, IPDPS 2006, pp. 8–pp. IEEE (2006)Google Scholar
  6. 6.
    Doget, J., Prouff, E., Rivain, M., Standaert, F.X.: Univariate side channel attacks and leakage modeling. J. Cryptograph. Eng. 1(2), 123–144 (2011)CrossRefGoogle Scholar
  7. 7.
    Gilbert Goodwill, B.J., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation (2011)Google Scholar
  8. 8.
    Güneysu, T., Moradi, A.: Generic side-channel countermeasures for reconfigurable devices. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 33–48. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-23951-9_3CrossRefGoogle Scholar
  9. 9.
    Guntur, H., Ishii, J., Satoh, A.: Side-channel attack user reference architecture board SAKURA-G. In: 2014 IEEE 3rd Global Conference on Consumer Electronics (GCCE), pp. 271–274, October 2014Google Scholar
  10. 10.
    Kaps, J., Velegalati, R.: DPA resistant AES on FPGA using partial DDL. In: 2010 18th IEEE Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), pp. 273–280. IEEE (2010)Google Scholar
  11. 11.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_25Google Scholar
  12. 12.
    Messerges, T.S.: Securing the AES finalists against power analysis attacks. In: Goos, G., Hartmanis, J., van Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44706-7_11CrossRefGoogle Scholar
  13. 13.
    Nassar, M., Guilley, S., Danger, J.-L.: Formal analysis of the entropy/security trade-off in first-order masking countermeasures against side-channel attacks. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 22–39. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-25578-6_4CrossRefGoogle Scholar
  14. 14.
    Nassar, M., Souissi, Y., Guilley, S., Danger, J.L.: RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. In: Design, Automation and Test in Europe Conference and Exhibition (DATE), pp. 1173–1178. IEEE (2012)Google Scholar
  15. 15.
    Oswald, E., Schramm, K.: An efficient masking scheme for AES software implementations. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 292–305. Springer, Heidelberg (2006).  https://doi.org/10.1007/11604938_23CrossRefGoogle Scholar
  16. 16.
    Regazzoni, F., Eisenbarth, T., Poschmann, A., Großschädl, J., Gürkaynak, F.K., Macchetti, M., Deniz, Z.T., Pozzi, L., Paar, C., Leblebici, Y., Ienne, P.: Evaluating resistance of MCML technology to power analysis attacks using a simulation-based methodology. Trans. Comput. Sci. 4, 230–243 (2009)Google Scholar
  17. 17.
    Regazzoni, F., Wang, Y., Standaert, F.X.: FPGA implementations of the AES masked against power analysis attacks. Proc. COSADE 2011, 56–66 (2011)Google Scholar
  18. 18.
    Sasdrich, P., Mischke, O., Moradi, A., Güneysu, T.: Side-channel protection by randomizing look-up tables on reconfigurable hardware. In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 95–107. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-21476-4_7CrossRefGoogle Scholar
  19. 19.
    Sasdrich, P., Moradi, A., Mischke, O., Güneysu, T.: Achieving side-channel protection with dynamic logic reconfiguration on modern FPGAs. In: IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2015, Washington, DC, USA, 5–7 May 2015, pp. 130–136 (2015)Google Scholar
  20. 20.
    Suzuki, D., Saeki, M.: Security evaluation of DPA countermeasures using dual-rail pre-charge logic style. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 255–269. Springer, Heidelberg (2006).  https://doi.org/10.1007/11894063_21CrossRefGoogle Scholar
  21. 21.
    Tiri, K., Verbauwhede, I.: Securing encryption algorithms against DPA at the logic level: next generation smart card technology. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 125–136. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-45238-6_11CrossRefGoogle Scholar
  22. 22.
    Tiri, K., Verbauwhede, I.: A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In: 2004 Design, Automation and Test in Europe Conference and Exposition (DATE 2004), Paris, France, 16–20 February 2004, pp. 246–251 (2004)Google Scholar
  23. 23.
    Wild, A., Moradi, A., Güneysu, T.: Glifred: glitch-free duplication - towards power-equalized circuits on FPGAs. IACR Cryptology ePrint Archive 2015, 124 (2015)Google Scholar
  24. 24.
    Ye, X., Eisenbarth, T.: On the vulnerability of low entropy masking schemes. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 44–60. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-08302-5_4Google Scholar
  25. 25.
    Yu, P., Schaumont, P.: Secure FPGA circuits using controlled placement and routing. In: Proceedings of the 5th International Conference on Hardware/Software Codesign and System Synthesis, CODES + ISSS 2007, Salzburg, Austria, 30 September–3 October 2007, pp. 45–50 (2007)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Ricardo Chaves
    • 1
  • Łukasz Chmielewski
    • 2
  • Francesco Regazzoni
    • 3
  • Lejla Batina
    • 4
  1. 1.INESC-ID, ISTUniversidade de LisboaLisbonPortugal
  2. 2.Riscure BVDelftThe Netherlands
  3. 3.ALaRI - University of LuganoLuganoSwitzerland
  4. 4.Digital Security Group - ICISRadboud University NijmegenNijmegenThe Netherlands

Personalised recommendations