669 research outputs found
An Efficient Side-Channel Protected AES Implementation with Arbitrary Protection Order
Passive physical attacks, like power analysis, pose a serious threat to the security of digital circuits. In this work, we introduce an efficient sidechannel protected Advanced Encryption Standard (AES) hardware design that is completely scalable in terms of protection order. Therefore, we revisit the private circuits scheme of Ishai et al. [13] which is known to be vulnerable to glitches. We demonstrate how to achieve resistance against multivariate higher-order attacks in the presence of glitches for the same randomness cost as the private circuits scheme. Although our AES design is scalable, it is smaller, faster, and less randomness demanding than other side-channel protected AES implementations. Our first-order secure AES design, for example, requires only 18 bits of randomness per S-box operation and 6 kGE of chip area. We demonstrate the flexibility of our AES implementation by synthesizing it up to the 15th protection order
Explointing FPGA block memories for protected cryptographic implementations
Modern Field Programmable Gate Arrays (FPGAs) are power packed with features to facilitate designers. Availability of features like huge block memory (BRAM), Digital Signal Processing (DSP) cores, embedded CPU makes the design strategy of FPGAs quite different from ASICs. FPGA are also widely used in security-critical application where protection against known attacks is of prime importance. We focus ourselves on physical attacks which target physical implementations. To design countermeasures against such attacks, the strategy for FPGA designers should also be different from that in ASIC. The available features should be exploited to design compact and strong countermeasures. In this paper, we propose methods to exploit the BRAMs in FPGAs for designing compact countermeasures. BRAM can be used to optimize intrinsic countermeasures like masking and dual-rail logic, which otherwise have significant overhead (at least 2X). The optimizations are applied on a real AES-128 co-processor and tested for area overhead and resistance on Xilinx Virtex-5 chips. The presented masking countermeasure has an overhead of only 16% when applied on AES. Moreover Dual-rail Precharge Logic (DPL) countermeasure has been optimized to pack the whole sequential part in the BRAM, hence enhancing the security. Proper robustness evaluations are conducted to analyze the optimization for area and security
LeakyOhm: Secret Bits Extraction using Impedance Analysis
The threats of physical side-channel attacks and their countermeasures have
been widely researched. Most physical side-channel attacks rely on the
unavoidable influence of computation or storage on current consumption or
voltage drop on a chip. Such data-dependent influence can be exploited by, for
instance, power or electromagnetic analysis. In this work, we introduce a novel
non-invasive physical side-channel attack, which exploits the data-dependent
changes in the impedance of the chip. Our attack relies on the fact that the
temporarily stored contents in registers alter the physical characteristics of
the circuit, which results in changes in the die's impedance. To sense such
impedance variations, we deploy a well-known RF/microwave method called
scattering parameter analysis, in which we inject sine wave signals with high
frequencies into the system's power distribution network (PDN) and measure the
echo of the signals. We demonstrate that according to the content bits and
physical location of a register, the reflected signal is modulated differently
at various frequency points enabling the simultaneous and independent probing
of individual registers. Such side-channel leakage challenges the -probing
security model assumption used in masking, which is a prominent side-channel
countermeasure. To validate our claims, we mount non-profiled and profiled
impedance analysis attacks on hardware implementations of unprotected and
high-order masked AES. We show that in the case of the profiled attack, only a
single trace is required to recover the secret key. Finally, we discuss how a
specific class of hiding countermeasures might be effective against impedance
leakage
SoK: Design Tools for Side-Channel-Aware Implementations
Side-channel attacks that leak sensitive information through a computing
device's interaction with its physical environment have proven to be a severe
threat to devices' security, particularly when adversaries have unfettered
physical access to the device. Traditional approaches for leakage detection
measure the physical properties of the device. Hence, they cannot be used
during the design process and fail to provide root cause analysis. An
alternative approach that is gaining traction is to automate leakage detection
by modeling the device. The demand to understand the scope, benefits, and
limitations of the proposed tools intensifies with the increase in the number
of proposals.
In this SoK, we classify approaches to automated leakage detection based on
the model's source of truth. We classify the existing tools on two main
parameters: whether the model includes measurements from a concrete device and
the abstraction level of the device specification used for constructing the
model. We survey the proposed tools to determine the current knowledge level
across the domain and identify open problems. In particular, we highlight the
absence of evaluation methodologies and metrics that would compare proposals'
effectiveness from across the domain. We believe that our results help
practitioners who want to use automated leakage detection and researchers
interested in advancing the knowledge and improving automated leakage
detection
- …