Power Side Channels in Security ICs: Hardware Countermeasures

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations

Memory-Based High-Level Synthesis Optimizations Security Exploration on the Power Side-Channel

High-level synthesis (HLS) allows hardware designers to think algorithmically and not worry about low-level, cycle-by-cycle details. This provides the ability to quickly explore the architectural design space and tradeoffs between resource utilization and performance. Unfortunately, security evaluation is not a standard part of the HLS design flow. In this article, we aim to understand the effects of memory-based HLS optimizations on power side-channel leakage. We use Xilinx Vivado HLS to develop different cryptographic cores, implement them on a Spartan-6 FPGA, and collect power traces. We evaluate the designs with respect to resource utilization, performance, and information leakage through power consumption. We have two important observations and contributions. First, the choice of resource optimization directive results in different levels of side-channel vulnerabilities. Second, the partitioning optimization directive can greatly compromise the hardware cryptographic system through power side-channel leakage due to the deployment of memory control logic. We describe an evaluation procedure for power side-channel leakage and use it to make best-effort recommendations about how to design more secure architectures in the cryptographic domain

Transmission gate based dual rail logic for differential power analysis resistant circuits

Cryptographic devices with hardware implementation of the algorithms are increasingly being used in various applications. As a consequence, there is an increased need for security against the attacks on the cryptographic system. Among various attack techniques, side channel attacks pose a significant threat to the hardware implementation. Power analysis attacks are a type of side channel attack where the power leakage from the underlying hardware is used to eavesdrop on the hardware operation. Wave pipelined differential and dynamic logic (WDDL) has been found to be an effective countermeasure to power analysis. This thesis studies the use of transmission gate based WDDL implementation for the differential and dynamic logic. Although WDDL is an effective defense against power analysis, the number of gates needed for the design of a secure implementation is double the number of gates used for non-secure operations. In this thesis we propose transmission gate based structures for implementation of wave pipelined dynamic and differential logic to minimize the overhead of this defense against power analysis attacks. A transmission gate WDDL design methodology is presented, and the design and analysis of a secure multiplier is given. The adder structures are compared in terms of security effectiveness and silicon area overhead for three cases: unsecured logic implementation, standard gate WDDL, and transmission gate WDDL. In simulation, the transmission gate WDDL design is seen to have similar power consumption results compared to the standard gate WDDL; however, the transmission gate based circuit uses 10-50% fewer gates compared to the static WDDL

Enhanced Hardware Security Using Charge-Based Emerging Device Technology

The emergence of hardware Trojans has largely reshaped the traditional view that the hardware layer can be blindly trusted. Hardware Trojans, which are often in the form of maliciously inserted circuitry, may impact the original design by data leakage or circuit malfunction. Hardware counterfeiting and IP piracy are another two serious issues costing the US economy more than $200 billion annually. A large amount of research and experimentation has been carried out on the design of these primitives based on the currently prevailing CMOS technology. However, the security provided by these primitives comes at the cost of large overheads mostly in terms of area and power consumption. The development of emerging technologies provides hardware security researchers with opportunities to utilize some of the otherwise unusable properties of emerging technologies in security applications. In this dissertation, we will include the security consideration in the overall performance measurements to fully compare the emerging devices with CMOS technology. The first approach is to leverage two emerging devices (Silicon NanoWire and Graphene SymFET) for hardware security applications. Experimental results indicate that emerging device based solutions can provide high level circuit protection with relatively lower performance overhead compared to conventional CMOS counterpart. The second topic is to construct an energy-efficient DPA-resilient block cipher with ultra low-power Tunnel FET. Current-mode logic is adopted as a circuit-level solution to countermeasure differential power analysis attack, which is mostly used in the cryptographic system. The third investigation targets on potential security vulnerability of foundry insider\u27s attack. Split manufacturing is adopted for the protection on radio-frequency (RF) circuit design

Side-channel attacks and countermeasures in the design of secure IC's devices for cryptographic applications

Abstract--- A lot of devices which are daily used have to guarantee the retention of sensible data. Sensible data are ciphered by a secure key by which only the key holder can get the data. For this reason, to protect the cipher key against possible attacks becomes a main issue. The research activities in hardware cryptography are involved in finding new countermeasures against various attack scenarios and, in the same time, in studying new attack methodologies. During the PhD, three different logic families to counteract Power Analysis were presented and a novel class of attacks was studied. Moreover, two different activities related to Random Numbers Generators have been addressed

Lightweight PUF-Based Gate Replacement Technique to Reduce Leakage of Information through Power Profile Analysis

The major challenge faced by electronic device designers is to defend the system from attackers and malicious modules called Hardware Trojans and to deliver a secured design. Although there are many cryptographic preventive measures in place adversaries find different ways to attack the device. Differential Power Analysis (DPA) attack is a type of Side Channel Attacks, used by an attacker to analyze the power leakage in the circuit, through which the functionality of the circuit is extracted. To overcome this, a lightweight approach is proposed in this paper using, Wave Dynamic Differential Logic (WDDL) technique, without incurring any additional resource cost and power. The primary objective of WDDL is to make the power consumption constant of an entire circuit by restricting the leakage power. The alternate strategy used by an adversary is to leak the information through reverse engineering. The proposed work avoids this by using a bit sequencer and a modified butterfly PUF based randomizing architecture. A modified version of butterfly PUF is also proposed in this paper, and from various qualitative tests performed it is evident that this PUF can prevent information leakage. This work is validated on ISCAS 85, ISCAS 89 benchmark circuits and the results obtained indicate that the difference in leakage power is found to be very marginal

Lightweight PUF-Based Gate Replacement Technique to Reduce Leakage of Information through Power Profile Analysis

The major challenge faced by electronic device designers is to defend the system from attackers and malicious modules called Hardware Trojans and to deliver a secured design. Although there are many cryptographic preventive measures in place adversaries find different ways to attack the device. Differential Power Analysis (DPA) attack is a type of Side Channel Attacks, used by an attacker to analyze the power leakage in the circuit, through which the functionality of the circuit is extracted. To overcome this, a lightweight approach is proposed in this paper using, Wave Dynamic Differential Logic (WDDL) technique, without incurring any additional resource cost and power. The primary objective of WDDL is to make the power consumption constant of an entire circuit by restricting the leakage power. The alternate strategy used by an adversary is to leak the information through reverse engineering. The proposed work avoids this by using a bit sequencer and a modified butterfly PUF based randomizing architecture. A modified version of butterfly PUF is also proposed in this paper, and from various qualitative tests performed it is evident that this PUF can prevent information leakage. This work is validated on ISCAS 85, ISCAS 89 benchmark circuits and the results obtained indicate that the difference in leakage power is found to be very marginal