A Lightweight Masked AES Implementation for Securing IoT Against CPA Attacks

A false key-based advanced encryption standard (AES) technique is proposed to prevent leakage of the stored secret key from the substitution-box under correlation power analysis (CPA) attacks, without significant power and area overhead. Wave dynamic differential logic (WDDL)-based XOR gates are utilized during the reconstruction stage to hide the intermediate data that may be highly correlated with the false key. After applying the false key and designing the reconstruction stage with WDDL, the minimum measurement-to-disclose value for the proposed lightweight masked AES engine implementation becomes over 150 million against CPA attacks. Compared to an unprotected AES engine, the power, area, and performance overhead of the proposed AES implementation is negligible.
