Security Metrics for Power Based SCA Resistant Hardware Implementation

Power-based side-channel attacks (SCA) are well-known major threats to cryptographic devices such as smart cards and other embedded systems. Quantifying the resistance, or robustness, of a cryptographic device against power-based SCA is needed as part of the VLSI CAD design flow, so that the security metric can enter design constraints and optimizations just as area and delay do. We investigate two SCA security metrics: (1) Kullback-Leibler divergence and (2) mutual information. These metrics are applicable at multiple design abstraction levels, from the logic level and netlist level down to the layout level. If the implementation at some abstraction level does not meet the threshold set for the SCA metric, it should be transformed until the metric value is acceptable. Computing these metrics, however, is significantly challenging. We propose a relatively fast logic-level SCA analysis based on a renewal-process model and linear regression. This fast test can serve as a first-level filter for SCA vulnerability. Computing mutual information requires building a richer statistical model that involves multiple power simulations; mutual information based SCA analysis can therefore be used for more realistic and accurate verification at the physical transistor or layout level.
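The following is an added worked example, not code from the paper, showing how the two metrics named above (Kullback-Leibler divergence between key-conditioned leakage distributions, and mutual information between the key and the leakage) and a regression-based first-level filter can be estimated from a logic-level power model. Everything about the model is an assumption for illustration: a 4-bit S-box (the PRESENT S-box, used as a small stand-in for a real cipher), a Hamming-weight power model for the unprotected design, a constant-toggle model for a balanced (dual-rail style) design, Gaussian noise, histogram binning with Laplace smoothing, and per-bit OLS slopes in place of the paper's renewal-process regression, which is not reproduced here. The function and parameter names are the example's own.

```python
"""Toy estimation of SCA security metrics for a logic-level power model.

Added example, not the paper's code. Assumed model: y = S(p ^ k) with the
4-bit PRESENT S-box, leakage = Hamming weight of y plus Gaussian noise for an
unprotected design, and a data-independent constant plus noise for a balanced
(dual-rail style) design. The plaintext p is fixed and known to the attacker,
so with p fixed the key k and the intermediate y are in bijection.
"""
import math
import random
from collections import Counter

# PRESENT S-box (4-bit, bijective); a small stand-in for a real cipher S-box.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
KEYS = range(16)
SIGMA = 0.3  # assumed noise standard deviation, in Hamming-weight units


def hw(v):
    return bin(v).count("1")


def leakage(key, plaintext, balanced, rng):
    """One simulated power sample for computing y = S(p ^ k) (assumed model)."""
    y = SBOX[plaintext ^ key]
    # Unprotected CMOS: power grows with the number of 1-bits written.
    # Balanced logic: every bit toggles exactly once, so the data term is constant.
    signal = 2 if balanced else hw(y)
    return signal + rng.gauss(0.0, SIGMA)


def simulate(balanced, n_per_key=4000, plaintext=0, seed=1, width=0.25):
    """Return {key: Counter of binned leakage values} from n_per_key traces per key."""
    rng = random.Random(seed)
    hist = {}
    for k in KEYS:
        c = Counter()
        for _ in range(n_per_key):
            c[math.floor(leakage(k, plaintext, balanced, rng) / width)] += 1
        hist[k] = c
    return hist


def _smoothed(counter, bins, n):
    # Laplace smoothing so the KL ratio never divides by an empty bin.
    return {b: (counter[b] + 1) / (n + len(bins)) for b in bins}


def kl_divergence(hist, k0, k1):
    """Plug-in estimate of D_KL(P(L | k0) || P(L | k1)) in bits."""
    bins = set(hist[k0]) | set(hist[k1])
    p = _smoothed(hist[k0], bins, sum(hist[k0].values()))
    q = _smoothed(hist[k1], bins, sum(hist[k1].values()))
    return sum(p[b] * math.log2(p[b] / q[b]) for b in bins)


def mutual_information(hist):
    """I(K; L) = H(L) - H(L | K) in bits, with K uniform over the 16 keys."""
    total = Counter()
    for c in hist.values():
        total.update(c)
    n_all = sum(total.values())
    h_l = -sum(v / n_all * math.log2(v / n_all) for v in total.values())
    h_l_given_k = 0.0
    for c in hist.values():
        n_k = sum(c.values())
        h_k = -sum(v / n_k * math.log2(v / n_k) for v in c.values())
        h_l_given_k += (n_k / n_all) * h_k
    return h_l - h_l_given_k


def regression_slopes(balanced, n=20000, plaintext=0, seed=2):
    """Fast first-level filter: OLS slope of leakage on each bit of y.

    Because y is uniform here, its bits are independent, so the per-bit slope
    cov(bit, L) / var(bit) equals the multivariate OLS coefficient. A slope
    near the per-bit power cost flags a data-dependent (leaky) design.
    """
    rng = random.Random(seed)
    ys, ls = [], []
    for _ in range(n):
        k = rng.randrange(16)
        ys.append(SBOX[plaintext ^ k])
        ls.append(leakage(k, plaintext, balanced, rng))
    mean_l = sum(ls) / n
    slopes = []
    for bit in range(4):
        b = [(y >> bit) & 1 for y in ys]
        mean_b = sum(b) / n
        cov = sum((bi - mean_b) * (li - mean_l) for bi, li in zip(b, ls)) / n
        var = sum((bi - mean_b) ** 2 for bi in b) / n
        slopes.append(cov / var)
    return slopes


if __name__ == "__main__":
    # Keys 5 and 10 map (with p = 0) to S-box outputs 0x0 and 0xF: HW 0 vs HW 4.
    for name, balanced in (("unprotected", False), ("balanced", True)):
        h = simulate(balanced)
        print(name,
              "MI=%.3f bits" % mutual_information(h),
              "KL(k=5||k=10)=%.3f bits" % kl_divergence(h, 5, 10),
              "slopes=%s" % [round(s, 2) for s in regression_slopes(balanced)])
```

Running the script prints a mutual information well above 1 bit and a large KL divergence for the unprotected model, and values near zero for the balanced model; the regression slopes sit near 1 per bit for the leaky design and near 0 for the balanced one, which is the kind of cheap pass/fail check a first-level filter needs before the more expensive mutual-information estimation is run. The Laplace smoothing keeps the KL estimate finite when one key never produces a leakage bin that another does; without it the divergence is infinite, which is correct in the limit but useless as a graded metric.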

[1]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[2]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[3]  Farid N. Najm,et al.  A survey of power estimation techniques in VLSI circuits , 1994, IEEE Trans. Very Large Scale Integr. Syst..

[4]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[5]  Randolph D. Nelson,et al.  Probability, stochastic processes, and queueing theory - the mathematics of computer performance modeling , 1995 .

[6]  Jean-Jacques Quisquater,et al.  Information Theoretic Evaluation of Side-Channel Resistant Logic Styles , 2007, CHES.

[7]  Stefan Mangard,et al.  Successfully Attacking Masked AES Hardware Implementations , 2005, CHES.

[8]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[9]  Huaiyu Zhu On Information and Sufficiency , 1997 .

[10]  Massimo Alioto,et al.  A General Power Model of Differential Power Analysis Attacks to Static Logic Circuits , 2008, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[11]  Stefan Mangard,et al.  Masked Dual-Rail Pre-charge Logic: DPA-Resistance Without Routing Constraints , 2005, CHES.

[12]  Yuval Ishai,et al.  Private Circuits: Securing Hardware against Probing Attacks , 2003, CRYPTO.

[13]  Randolph Nelson,et al.  Probability, Stochastic Processes, and Queueing Theory , 1995 .

[14]  Giovanni De Micheli,et al.  Synthesis and Optimization of Digital Circuits , 1994 .

[15]  Akashi Satoh,et al.  A Compact Rijndael Hardware Architecture with S-Box Optimization , 2001, ASIACRYPT.

[16]  Alexandre Yakovlev,et al.  Power balanced circuits for leakage-power-attacks resilient design , 2015, 2015 Science and Information Conference (SAI).