Improving Security of SDDL Designs through Interleaved Placement on Xilinx FPGAs

Implementations of mathematically secure cryptographic algorithms leak information through side channels during run time. Differential Power Analysis (DPA) attacks exploit power leakage to obtain the secret information. Dynamic and Differential Logic (DDL), one of the popular countermeasures against DPA attacks, tries to achieve constant power consumption thereby decor relating the leakage with the data being processed. Separated Dynamic and Differential Logic (SDDL), a variant of DDL, achieves this goal by duplicating the original design into Direct and Complementary parts which exhibit constant switching activity per clock cycle and have balanced net delays. Traditionally, on Field Programmable Gate Arrays (FPGAs) both parts are placed side-by-side to ensure symmetrical routing. However, due to process variations both parts will have slightly different delays. This limits the effectiveness of SDDL. In this paper we introduce a design flow to achieve interleaved placement of SDDL designs on Xilinx Spartan-3E FPGAs while preserving symmetric routing. We explore several placement configurations with respect to routing and security. The results of our experiments show that a well-balanced placement of SDDL can double the effectiveness of the SDDL countermeasures on FPGAs.

[1]  Patrick Schaumont,et al.  Secure FPGA circuits using controlled placement and routing , 2007, 2007 5th IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[2]  Daisuke Suzuki,et al.  Security Evaluation of DPA Countermeasures Using Dual-Rail Pre-charge Logic Style , 2006, CHES.

[3]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[4]  Sylvain Guilley,et al.  Place-and-route impact on the security of DPL designs in FPGAs , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[5]  Ingrid Verbauwhede,et al.  A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[6]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[7]  Sylvain Guilley,et al.  Successful attack on an FPGA-based WDDL DES cryptoprocessor without place and route constraints , 2009, 2009 Design, Automation & Test in Europe Conference & Exhibition.

[8]  Jens-Peter Kaps,et al.  DPA resistance for light-weight implementations of cryptographic algorithms on FPGAs , 2009, 2009 International Conference on Field Programmable Logic and Applications.

[9]  Steven Trimberger Trusted Design in FPGAs , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[10]  Berk Sunar,et al.  Energy Comparison of AES and SHA-1 for Ubiquitous Computing , 2006, EUC Workshops.

[11]  Jens-Peter Kaps,et al.  DPA Resistant AES on FPGA Using Partial DDL , 2010, 2010 18th IEEE Annual International Symposium on Field-Programmable Custom Computing Machines.

[12]  Patrick Schaumont,et al.  Improving the quality of a Physical Unclonable Function using configurable Ring Oscillators , 2009, 2009 International Conference on Field Programmable Logic and Applications.

[13]  Ryan Kastner,et al.  Managing Security in FPGA-Based Embedded Systems , 2008, IEEE Design & Test of Computers.

[14]  Sylvain Guilley,et al.  Exploiting Dual-Output Programmable Blocks to Balance Secure Dual-Rail Logics , 2010, Int. J. Reconfigurable Comput..