DPA on Faulty Cryptographic Hardware and Countermeasures

Balanced gates are an effective countermeasure against power analysis attacks only if they can be guaranteed to maintain their power balance. Traditional testing and reliability methods are used primarily to ensure the correctness of the logical functionality, not the balance of a circuit. Because of the hardware redundancy in balanced gate designs, many faults can imbalance a balanced gate without causing logical errors. As a result, traditional testing and reliability methods and architectures cannot test and verify that a gate is completely defect- and fault-free and hence balanced. Our simulations show that a few faulty balanced gates can make a circuit as vulnerable to power analysis attacks as a completely imbalanced implementation. This vulnerability opens the possibility of new attack methods based on a combination of fault and power attacks. A solution to the vulnerability based on a built-in differential self-balance comparator is presented.
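The argument above can be illustrated with a toy model, added here as an example and not taken from the paper: a fault that changes only one rail's load passes an exhaustive logic test yet makes the energy drawn depend on the data. The gate model, the capacitance values and the `balance_check` stand-in for a rail comparison are all assumptions.

```python
from itertools import product

# Constructed toy model: each dual-rail gate is (c_true, c_false), the load
# charged when its output is 1 or 0. Units and values are arbitrary.
N = 4
HEALTHY = [(10, 10)] * N
FAULTY = [(10, 10), (10, 10), (10, 6), (10, 10)]  # gate 2: non-logical fault

def evaluate(gates, a, b):
    """One evaluate cycle of bitwise AND: returns (result, energy drawn)."""
    result, energy = 0, 0
    for i, (c_true, c_false) in enumerate(gates):
        out = (a >> i) & (b >> i) & 1
        result |= out << i
        energy += c_true if out else c_false   # exactly one rail charges
    return result, energy

def functional_test(gates):
    """Traditional test: checks logic only, for every input pair."""
    pairs = product(range(1 << N), repeat=2)
    return all(evaluate(gates, a, b)[0] == (a & b) for a, b in pairs)

def mean_energy_gap(gates, bit):
    """Mean energy with output `bit` = 1 minus mean with it = 0.
    A nonzero gap means the power draw depends on the data."""
    groups = {0: [], 1: []}
    for a, b in product(range(1 << N), repeat=2):
        result, energy = evaluate(gates, a, b)
        groups[(result >> bit) & 1].append(energy)
    return sum(groups[1]) / len(groups[1]) - sum(groups[0]) / len(groups[0])

def balance_check(gates, tolerance=0):
    """Stand-in for a per-gate rail comparison: indices of imbalanced gates."""
    return [i for i, (ct, cf) in enumerate(gates) if abs(ct - cf) > tolerance]

if __name__ == "__main__":
    for name, gates in (("healthy", HEALTHY), ("faulty", FAULTY)):
        print(name, functional_test(gates),
              [mean_energy_gap(gates, k) for k in range(N)],
              balance_check(gates))
```

Both circuits pass `functional_test`; only the per-gate balance comparison separates them, which is the gap in traditional testing that the abstract describes.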
