Abstract
Side-channel attacks (SCA) threaten electronic cryptographic devices and can be carried out by monitoring the physical characteristics of security circuits. Differential Power Analysis (DPA) is one of the most widely studied side-channel attacks. Numerous countermeasure techniques, such as Random Delay Insertion (RDI), have been proposed to reduce the risk of DPA attacks against cryptographic devices. The RDI technique was first proposed for microprocessors, but it was shown to be unsuccessful when implemented on smartcards, as it was vulnerable to a variant of the DPA attack known as the Sliding-Window DPA attack.
Previous research by the authors investigated the use of the RDI countermeasure for Field Programmable Gate Array (FPGA) based cryptographic devices. A split-RDI technique was proposed to improve the security of the RDI countermeasure. A set of critical parameters was also proposed that could be utilized in the design stage to optimize a security algorithm design with RDI in terms of area, speed and power. The authors also showed that RDI is an efficient countermeasure technique on FPGA in comparison to other countermeasures.
In this article, a new RDI logic design is proposed that can be used to cost-efficiently implement RDI on FPGA devices. Sliding-Window DPA and realignment attacks, which were shown to be effective against RDI implemented on smartcard devices, are performed on the improved RDI FPGA implementation. We demonstrate that these attacks are unsuccessful and we also propose a realignment technique that can be used to demonstrate the weakness of RDI implementations.
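As an added illustration that is not part of the article, the following constructed simulation shows the effect the abstract relies on: inserting a random delay before a leaking operation spreads that operation's leakage across several time samples, so the correlation peak an evaluator sees for a known intermediate value shrinks as the delay range grows. The Hamming-weight leakage model, Gaussian noise level, trace length and uniform delay distribution are all assumptions made for this example.

```python
import math
import random

def hamming_weight(x):
    return bin(x).count("1")

def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / math.sqrt(sxx * syy) if sxx and syy else 0.0

def simulate_traces(n_traces, n_samples, leak_time, max_delay, noise, rng):
    """Constructed synthetic traces (assumed leakage model): each trace leaks the
    Hamming weight of a random intermediate byte at sample leak_time + d, where
    d ~ Uniform[0, max_delay] models the random delay inserted before that
    operation. Gaussian noise is added to every sample."""
    traces, intermediates = [], []
    for _ in range(n_traces):
        value = rng.randrange(256)
        delay = rng.randint(0, max_delay)
        trace = [rng.gauss(0.0, noise) for _ in range(n_samples)]
        trace[leak_time + delay] += hamming_weight(value)
        traces.append(trace)
        intermediates.append(value)
    return traces, intermediates

def peak_correlation(traces, intermediates):
    """Evaluator's view: correlate the *known* intermediate's Hamming weight with
    every time sample and return the largest |correlation|. A high peak means the
    leakage is well aligned across traces; RDI spreads it over several samples."""
    hws = [hamming_weight(v) for v in intermediates]
    return max(abs(pearson(hws, [tr[t] for tr in traces])) for t in range(len(traces[0])))

def evaluate_rdi(max_delays=(0, 3, 7), n_traces=600, seed=1):
    """Peak correlation for each maximum delay; delay 0 is the unprotected baseline."""
    rng = random.Random(seed)
    results = {}
    for max_delay in max_delays:
        traces, inter = simulate_traces(n_traces, 24, 4, max_delay, 0.5, rng)
        results[max_delay] = peak_correlation(traces, inter)
    return results

if __name__ == "__main__":
    for d, peak in evaluate_rdi().items():
        print(f"max random delay {d:2d} cycles -> peak correlation {peak:.2f}")
```

The baseline peak is close to 1 because the leakage sits in one sample of every trace; with a delay range of D cycles only about 1/(D+1) of the traces leak at any given sample, which is why the peak drops rather than disappears, and why the article's realignment and sliding-window attacks target that residual structure.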
Evaluation of Random Delay Insertion against DPA on FPGAs