Univariate Power Analysis Attacks Exploiting Static Dissipation of Nanometer CMOS VLSI Circuits for Cryptographic Applications

In this work we focus on Power Analysis Attacks (PAAs) which exploit the dependence of the static current of sub-50 nm CMOS integrated circuits on the internally processed data. SPICE simulations of static power have been carried out to show that the coefficient of variation of nanometer logic gates increases with the scaling of CMOS technology. We demonstrate that it is possible to recover the secret key of a cryptographic core by exploiting this data dependence by means of different statistical distinguishers. For the first time in the literature, we formulate the Attack Exploiting Static Power (AESP) as a univariate attack, using the mutual information approach to quantify the information that leaks through the static power side channel independently of the adopted leakage model. This analysis shows that countermeasures conceived to protect cryptographic hardware from attacks based on dynamic power consumption (e.g., WDDL, MDPL, SABL) still exhibit leakage through the static power side channel. Finally, we show that the Time Enclosed Logic (TEL) concept does not leak information through the static power and is suitable for use as a countermeasure against both attacks exploiting dynamic power and attacks exploiting static power.
