Design of secure cryptography against the threat of power-attacks in DSP-embedded processors

Embedded wireless devices require secure, high-performance cryptography in addition to low cost and low energy dissipation. This paper presents, for the first time, a design methodology for security on a VLIW complex DSP-embedded processor core. Elliptic curve cryptography is used to demonstrate the design-for-security methodology. Results are verified with real dynamic power measurements and show that, compared to previous research, a 79% improvement in performance is achieved. Power traces are modified to resist simple power analysis attacks, with up to 39% overhead in performance, up to 49% overhead in energy dissipation, and up to 11% overhead in code size. Simple power analysis on the VLIW DSP core is shown to be more correlated to routine ordering than to individual instructions. For the first time, differential power analysis results on a VLIW using real power measurements are presented. Results show that the processor's instruction-level parallelism and large bus size contribute to making differential power analysis attacks extremely difficult. This research is important for industry, since efficient yet secure cryptography is crucial for wireless communication devices.
