On Measurable Side-Channel Leaks Inside ASIC Design Primitives

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8086)


Leaks inside semi-custom ASIC (Application Specific Integrated Circuit) design primitives are rigorously investigated. The study is conducted by measuring a dedicated TEG (Test Element Group) chip with a small magnetic-field probe on the chip surface. The measurement targets are standard cells and a memory macro cell. The focus is on leaks inside the primitives because many conventional countermeasures place their measurability boundaries on these primitives. Firstly, it is shown that the current-path leak, a leak based on the input-dependent active current path within a standard cell [1], is measurable. Major gate-level countermeasures (RSL, MDPL, and WDDL) become vulnerable if the current-path leak is considered. Secondly, it is shown that the internal-gate leak, a leak based on a non-linear sub-circuit within an XOR cell, is measurable. It can be exploited to bias the distribution of the random mask. Thirdly, it is shown that the geometric leak, a leak based on the geometric layout of the memory matrix structure, is measurable. It is correlated to the integer representation of the memory address. We also show that a ROM-based countermeasure (Dual-rail RSL memory [10]) becomes vulnerable when the geometric leak is considered. A general transistor-level design method to counteract the current-path and internal-gate leaks is also shown.


  1. Takahashi, Y.: Cryptographic Module Evaluation Methods for Resistance against Power Analysis Attacks. Doctoral thesis, Yokohama National University (2012)
  2. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. CRYPTO (1999)
  3. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer (2007)
  4. Suzuki, D., Saeki, M., Ichikawa, T.: DPA Leakage Models for CMOS Logic Circuits. CHES (2005)
  5. Maghrebi, H., Prouff, E., Guilley, S., Danger, J.-L.: A First-Order Leak-Free Masking Countermeasure. CT-RSA (2012)
  6. Moradi, A., Mischke, O., Eisenbarth, T.: Correlation-Enhanced Power Analysis Collision Attack. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 125–139. Springer, Heidelberg (2010)
  7. Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and electromagnetic analysis: Improved model, consequences and comparisons. Integration, the VLSI Journal 40(1), 52–60 (2007)
  8. Mangard, S., Schramm, K.: Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76–90. Springer, Heidelberg (2006)
  9. Suzuki, D., Saeki, M., Ichikawa, T.: Random Switching Logic: A Countermeasure against DPA based on Transition Probability. IACR Cryptology ePrint Archive 2004: 346 (2004)
  10. Li, Y., Sakiyama, K., Gomisawa, S., Fukunaga, T., Takahashi, J., Ohta, K.: Fault Sensitivity Analysis. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 320–334. Springer, Heidelberg (2010)
  11. Silicon zoo, Megamos chip XOR gate,
  12. Hoogvorst, P., Duc, G., Danger, J.-L.: Software Implementation of Dual-Rail Representation. In: COSADE 2011 (2011)
  13. Shah, S., Velegalati, R., Kaps, J.-P., Hwang, D.: Investigation of DPA Resistance of Block RAMs in Cryptographic Implementations on FPGAs. Reconfig 2010 (2010)
  14. Konur, E., Ozelci, Y., Arikan, E., Eksi, U.: Power Analysis Resistant SRAM. In: WAC 2006 (2006)
  15. Rožić, V., Dehaene, W., Verbauwhede, I.: Design Solutions for Securing SRAM Cell Against Power Analysis. In: HOST 2012 (2012)
  16. Side-channel Attack Standard Evaluation Board (SASEBO-RII),
  17. Tiri, K., Schaumont, P.: Changing the Odds against Masked Logic. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 134–146. Springer, Heidelberg (2007)
  18. Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: DATE 2004 (2004)
  19. Uyemura, J.P.: Introduction to VLSI Circuits and Systems. Wiley (2001)
  20. Hashimoto, Y., Iwai, K., Shiozaki, M., Asagawa, S., Ukai, S., Fujino, T.: AES Cryptographic Circuit utilizing Dual-Rail RSL Memory Technique. In: The 29th Symposium on Cryptography and Information Security (2012) (in Japanese)

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  1. Mitsubishi Electric Corporation, Japan
  2. Ritsumeikan University, Japan
