Silicon-level Solutions to Counteract Passive and Active Attacks

This article presents a family of cryptographic ASICs, called SecMat, designed in CMOS 130 nanometer technology by the authors with the help of STMicroelectronics. The purpose of these prototype circuits is to experiment with the published "implementation-level" attacks (SPA, DPA, EMA, templates, DFA). We report our conclusions about the practicability of these attacks: which ones are the simplest to mount, and which ones require more skill, time, equipment, etc. The potential of FPGAs as security evaluation commodities at design time is also detailed. Then, we discuss "dual counter-measures", which are meant to resist both passive and active attacks. This study started four years ago with TIMA (Grenoble), in the framework of the project MARS. We highlight some research directions towards dependable and cost-effective dual counter-measures.
