Sequential Circuit Design for Embedded Cryptographic Applications Resilient to Adversarial Faults

In the relatively young field of fault-tolerant cryptography, the main research effort has focused exclusively on the protection of the data path of cryptographic circuits. To date, however, we have not found any work that aims at protecting the control logic of these circuits against fault attacks, which thus remains the proverbial Achilles’ heel. Motivated by a hypothetical yet realistic fault analysis attack that, in principle, could be mounted against any modular exponentiation engine, even one with appropriate data path protection, we set out to close this remaining gap. In this paper, we present guidelines for the design of multifault-resilient sequential control logic based on standard Error-Detecting Codes (EDCs) with large minimum distance. We introduce a metric that measures the effectiveness of the error detection technique in terms of the effort the attacker has to make in relation to the area overhead spent in implementing the EDC. Our comparison shows that the proposed EDC-based technique provides superior performance when compared against regular N-modular redundancy techniques. Furthermore, our technique scales well and does not affect the critical path delay

Trojans in Early Design Steps—An Emerging Threat

Hardware Trojans inserted by malicious foundries during integrated circuit manufacturing have received substantial attention in recent years. In this paper, we focus on a different type of hardware Trojan threats: attacks in the early steps of design process. We show that third-party intellectual property cores and CAD tools constitute realistic attack surfaces and that even system specification can be targeted by adversaries. We discuss the devastating damage potential of such attacks, the applicable countermeasures against them and their deficiencies

Integrated Evaluation Platform for Secured Devices

International audienceIn this paper, we describe the structure of a FPGAsmart card emulator. The aim of such an emulator is to improvethe behaviour of the whole architecture when faults occur. Withinthis card, an embedded Advanced Encryption Standard (AES)protected against DFA is inserted as well as a fault injectionblock. We also present the microprocessor core which controlsthe whole card

ASSESSING AND IMPROVING THE RELIABILITY AND SECURITY OF CIRCUITS AFFECTED BY NATURAL AND INTENTIONAL FAULTS

The reliability and security vulnerability of modern electronic systems have emerged as concerns due to the increasing natural and intentional interferences. Radiation of high-energy charged particles generated from space environment or packaging materials on the substrate of integrated circuits results in natural faults. As the technology scales down, factors such as critical charge, voltage supply, and frequency change tremendously that increase the sensitivity of integrated circuits to natural faults even for systems operating at sea level. An attacker is able to simulate the impact of natural faults and compromise the circuit or cause denial of service. Therefore, instead of utilizing different approaches to counteract the effect of natural and intentional faults, a unified countermeasure is introduced. The unified countermeasure thwarts the impact of both reliability and security threats without paying the price of more area overhead, power consumption, and required time. This thesis first proposes a systematic analysis method to assess the probability of natural faults propagating the circuit and eventually being latched. The second part of this work focuses on the methods to thwart the impact of intentional faults in cryptosystems. We exploit a power-based side-channel analysis method to analyze the effect of the existing fault detection methods for natural faults on fault attack. Countermeasures for different security threats on cryptosystems are investigated separately. Furthermore, a new micro-architecture is proposed to thwart the combination of fault attacks and side-channel attacks, reducing the fault bypass rate and slowing down the key retrieval speed. The third contribution of this thesis is a unified countermeasure to thwart the impact of both natural faults and attacks. The unified countermeasure utilizes dynamically alternated multiple generator polynomials for the cyclic redundancy check (CRC) codec to resist the reverse engineering attack

Null Convention Logic applications of asynchronous design in nanotechnology and cryptographic security

This dissertation presents two Null Convention Logic (NCL) applications of asynchronous logic circuit design in nanotechnology and cryptographic security. The first application is the Asynchronous Nanowire Reconfigurable Crossbar Architecture (ANRCA); the second one is an asynchronous S-Box design for cryptographic system against Side-Channel Attacks (SCA). The following are the contributions of the first application: 1) Proposed a diode- and resistor-based ANRCA (DR-ANRCA). Three configurable logic block (CLB) structures were designed to efficiently reconfigure a given DR-PGMB as one of the 27 arbitrary NCL threshold gates. A hierarchical architecture was also proposed to implement the higher level logic that requires a large number of DR-PGMBs, such as multiple-bit NCL registers. 2) Proposed a memristor look-up-table based ANRCA (MLUT-ANRCA). An equivalent circuit simulation model has been presented in VHDL and simulated in Quartus II. Meanwhile, the comparison between these two ANRCAs have been analyzed numerically. 3) Presented the defect-tolerance and repair strategies for both DR-ANRCA and MLUT-ANRCA. The following are the contributions of the second application: 1) Designed an NCL based S-Box for Advanced Encryption Standard (AES). Functional verification has been done using Modelsim and Field-Programmable Gate Array (FPGA). 2) Implemented two different power analysis attacks on both NCL S-Box and conventional synchronous S-Box. 3) Developed a novel approach based on stochastic logics to enhance the resistance against DPA and CPA attacks. The functionality of the proposed design has been verified using an 8-bit AES S-box design. The effects of decision weight, bitstream length, and input repetition times on error rates have been also studied. Experimental results shows that the proposed approach enhances the resistance to against the CPA attack by successfully protecting the hidden key --Abstract, page iii

Circuit-Variant Moving Target Defense for Side-Channel Attacks on Reconfigurable Hardware

With the emergence of side-channel analysis (SCA) attacks, bits of a secret key may be derived by correlating key values with physical properties of cryptographic process execution. Power and Electromagnetic (EM) analysis attacks are based on the principle that current flow within a cryptographic device is key-dependent and therefore, the resulting power consumption and EM emanations during encryption and/or decryption can be correlated to secret key values. These side-channel attacks require several measurements of the target process in order to amplify the signal of interest, filter out noise, and derive the secret key through statistical analysis methods. Differential power and EM analysis attacks rely on correlating actual side-channel measurements to hypothetical models. This research proposes increasing resistance to differential power and EM analysis attacks through structural and spatial randomization of an implementation. By introducing randomly located circuit variants of encryption components, the proposed moving target defense aims to disrupt side-channel collection and correlation needed to successfully implement an attac