SCA-Resistance for AES: How Cheap Can We Go?

This paper introduces a novel AES structure capable of improving the robustness against power analysis attacks while allowing for a very compact structure with a potentially negligible area and performance impact. The proposed design is based on a low entropy masking scheme, where half of the time the true value and half of the time the complemented value are used to mask the power consumption variation. The obtained experimental results suggest that the area overhead for the protection against power analysis is as low as 5% LUT increase with a performance degradation of about 10%. When compared with the state of the art supported on FPGAs, efficiency improvements above 6 times and a throughput improvement of at least two times higher are achieved.

[1]  Sylvain Guilley,et al.  RSM: A small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[2]  Daisuke Suzuki,et al.  Security Evaluation of DPA Countermeasures Using Dual-Rail Pre-charge Logic Style , 2006, CHES.

[3]  Tim Güneysu,et al.  Side-Channel Protection by Randomizing Look-Up Tables on Reconfigurable Hardware - Pitfalls of Memory Primitives , 2015, IACR Cryptol. ePrint Arch..

[4]  Patrick Schaumont,et al.  Secure FPGA circuits using controlled placement and routing , 2007, 2007 5th IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[5]  Thomas Eisenbarth,et al.  On the Vulnerability of Low Entropy Masking Schemes , 2013, CARDIS.

[6]  Thomas S. Messerges,et al.  Securing the AES Finalists Against Power Analysis Attacks , 2000, FSE.

[7]  Tim Güneysu,et al.  Achieving side-channel protection with dynamic logic reconfiguration on modern FPGAs , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[8]  Ingrid Verbauwhede,et al.  Securing Encryption Algorithms against DPA at the Logic Level: Next Generation Smart Card Technology , 2003, CHES.

[9]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[10]  Yi Wang,et al.  FPGA Implementations of the AES Masked Against Power Analysis Attacks , 2011 .

[11]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[12]  Ingrid Verbauwhede,et al.  A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[13]  Yusuf Leblebici,et al.  Evaluating Resistance of MCML Technology to Power Analysis Attacks Using a Simulation-Based Methodology , 2009, Trans. Comput. Sci..

[14]  Tim Güneysu,et al.  GliFreD: Glitch-Free Duplication Towards Power-Equalized Circuits on FPGAs , 2018, IEEE Transactions on Computers.

[15]  Jens-Peter Kaps,et al.  DPA Resistant AES on FPGA Using Partial DDL , 2010, 2010 18th IEEE Annual International Symposium on Field-Programmable Custom Computing Machines.

[16]  David Canright,et al.  A Very Compact S-Box for AES , 2005, CHES.

[17]  Hendra Guntur,et al.  Side-channel AttacK User Reference Architecture board SAKURA-G , 2014, 2014 IEEE 3rd Global Conference on Consumer Electronics (GCCE).

[18]  Stamatis Vassiliadis,et al.  Reconfigurable memory based AES co-processor , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[19]  Sylvain Guilley,et al.  Formal Analysis of the Entropy / Security Trade-off in First-Order Masking Countermeasures against Side-Channel Attacks , 2011, INDOCRYPT.

[20]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[21]  Tim Güneysu,et al.  Generic Side-Channel Countermeasures for Reconfigurable Devices , 2011, CHES.

[22]  François-Xavier Standaert,et al.  Univariate side channel attacks and leakage modeling , 2011, Journal of Cryptographic Engineering.

[23]  Elisabeth Oswald,et al.  An Efficient Masking Scheme for AES Software Implementations , 2005, WISA.