Area optimization of cryptographic co-processors implemented in dual-rail with precharge positive logic

Field programmable gate arrays (FPGAs) have become very popular for embedded cryptographic operations. In order to resist side-channel attacks, FPGAs must implement reasoned countermeasures. The most efficient way to mitigate attacks is to adopt a gate-level protection. Two families of secure gates exist: those that "hide" and those that "mask" side-channel leakage. In this article, we detail methods to reduce the size of wave dynamic differential logic (WDDL) implementations. These circuits are designed to hide any physical leak by ensuring a data-independent activity. This study is meant to be generic, and thus applies to any 4 → 1 LUT-based FPGA. Further optimizations can be reached by taking advantage of proprietary features of some FPGAs. Our solutions include RTL code modification, synthesizer usage (potentially in a re-entrant way), and ad hoc mapping. We show that linear parts of algorithms can be delegated to a synthesizer, but that non-linear parts are better handled with heuristics. We present a 23 % area gain over the state-of-the-art for the positive WDDL triple-DES symmetric encryption algorithm.
