Subthreshold AES S-Box with Increased Power Analysis Resistance

Operation in the subthreshold region is tested as a means of increasing the resistance of the AES S-box against power analysis attacks. The non-linear S-box (substitute bytes) operation is one of the major building blocks of the AES algorithm. A compact 4-stage pipelined and asynchronous S-box is implemented in 90 nm CMOS technology. The S-box is simulated in normal superthreshold operation and in subthreshold operation, and the correlation and standard deviation of the instantaneous power consumption are calculated. Our simulation results indicate orders of magnitude lower correlation between power consumption and processed data. The increased resistance against power analysis attacks comes at the cost of a 340 times longer execution time. Our S-box has a throughput of 7.37 Mbit/s in subthreshold operation. The throughput is increased to 19.88 Mbit/s when introducing 4 pipeline stages.
