Template attacks exploiting static power and application to CMOS lightweight crypto‐hardware

Summary: This paper presents a new class of template attacks that aim to recover the secret key of a cryptographic core from measurements of its static power consumption. These attacks exploit the dependence of the static current of complementary metal–oxide–semiconductor (CMOS) integrated circuits on the input vector, and use the maximum likelihood decision rule as a statistical distinguisher. In the proposed Template Attacks Exploiting Static Power (TAESP), we take advantage of the temperature dependence of static currents to build a new multivariate approach able to extract relevant information from cryptographic devices. As a validation case study, we consider the PRESENT-80 block cipher algorithm and its implementation on a 40 nm CMOS process. Monte Carlo and corner simulations at transistor level are used to show the effectiveness of the TAESP in the presence of die-to-die and intra-die process variations. A real attack scenario is then built by adding Gaussian noise to current samples extracted from transistor-level simulations. The univariate TAESP, in which just one temperature is considered to build the templates, is compared against the multivariate TAESP, in which measurements at different controlled temperatures are exploited. This comparison shows that using just a few different temperatures to build multivariate templates strongly increases the effectiveness of the attack. Copyright © 2016 John Wiley & Sons, Ltd.
