Mask Scrambling Against SCA on Reconfigurable TBOX-Based AES

In recent years, side-channel attacks (SCA) have become a significant threat to security devices. Several countermeasures have been proposed in response, ranging from reducing the leaked power consumption to masking schemes. However, these solutions come at a cost, typically in terms of resources, performance, and power consumption. This paper focuses on deploying masking for AES computation on reconfigurable technologies, in this particular case a SmartFusion 2 SoC with its FPGA fabric and embedded ARM Cortex-M3 processor. This work proposes a novel masking scheme using Auxiliary Random Tables (RBoxes) to further harden the protection against SCA, not only by extending the set of random masks used but also by improving the update frequency of the mask sets. The implementation results suggest that the existing related masking schemes can be deployed at a cost of 645 additional LUTs, 16 µSRAMs, and no additional Large SRAMs, whilst achieving the same operating frequency.
