45 research outputs found

    Electromagnetic Leakage Assessment of a Proven Higher-Order Masking of AES S-Box

    Many digital systems need to provide cryptographic capabilities. A large part of these devices is easily accessible by the malicious user, and may be vulnerable to side channel attacks such as power or electromagnetic analysis. From one side, the designer has to protect the architecture with proven countermeasures; on the other, the actual implementation must be validated in order to prove the absence of undesired leakages. In this paper, we present an implementation of two optimized and proven masking schemes of order 3 and 7 for an embedded software AES, and prove its robustness by showing the absence of significant leakage in the nonlinear layer.

    Design of a secure architecture for scalar multiplication on elliptic curves

    Embedded systems support more and more features. Authentication and confidentiality are part of them. These systems have limitations that put the public-key RSA algorithm at a disadvantage: Elliptic curve cryptography (ECC) becomes more attractive because it requires less energy and less area. A lot of attacks exploit physical access on cryptographic hardware device: power analysis attacks (SPA, DPA), or timing analysis attacks. The coprocessor presented here supports all critical operations of an ECC cryptosystem and has been secured against side channel attacks.

    Composite Fields against Side Channel Analysis for the Advanced Encryption Standard

    Secure implementations have two primary goals: being optimized (with respect to area, latency, power, or throughput) and secure against physical attacks, such as side channel analysis. Composite fields have been often proposed as a solution for the former problem, allowing implementations of the Advanced Encryption Standard targeted at resource constrained applications: additionally, they may also be a countermeasure against passive analysis and make an attack more difficult. In this paper, we present an AES design fully implemented on composite fields and evaluate its robustness against Differential Power Analysis

    Incorporating error detection and online reconfiguration into a regular architecture for the advanced encryption standard

    Fault injection based attacks on cryptographic devices aim at recovering the secret keys by inducing an error in the computation process. They are now considered a real threat and countermeasures against them must be taken. In this paper, we describe an extension to an existing AES architecture proposed by Mangard et al. [13], which provides error detection and fault tolerance by exploiting the high regularity of the architecture. The proposed design is capable of performing online error detection and reconfiguring internal data paths to protect against faults occurring in the computation process. We also describe how different redundancy levels provide protection against different numbers of errors. The presented design incorporating fault detection and tolerance has the same throughput as the base architecture but incurs a non-negligible area overhead. This overhead is about 40% for the fault detection circuitry and 134% for the entire fault detection and tolerance (through reconfiguration). Although quite high, this overhead is still lower than for reference solutions such as duplication (providing detection) and triple modular redundancy (providing fault masking)

    A note on the error detection in an RSA architecture by means of residue codes

    Recently, various attacks have been proposed against many cryptosystems, exploiting deliberate error injection during the computation process. In this paper, we add a residue-based error detection scheme to an RSA architecture to protect against such attacks. We then evaluate the error coverage and the expected area and latency overheads