Side-channel countermeasures utilizing dynamic logic reconfiguration: Protecting AES/Rijndael and Serpent encryption in hardware

Abstract

Dynamic logic reconfiguration is a concept that allows for efficient on-the-fly modifications of combinational circuit behavior in both ASIC and FPGA devices. The reconfiguration of Boolean functions is achieved by modification of their generators (e.g., shift register-based look-up tables), and it can be controlled from within the chip, without the necessity of any external intervention. This hardware polymorphism can be utilized for the implementation of side-channel attack countermeasures, as demonstrated by Sasdrich et al. for the lightweight cipher PRESENT. In this work, we adapt these countermeasures to two of the AES finalists, namely Rijndael and Serpent. Just like PRESENT, both Rijndael and Serpent are block ciphers based on a substitution–permutation network. We describe the countermeasures and adjustments necessary to protect these ciphers using the resources available in modern Xilinx FPGAs. We describe our implementations and evaluate the side-channel leakage and effectiveness of different countermeasure combinations using a methodology based on Welch's t-test. Furthermore, we attempt to break the protected AES/Rijndael implementation using second-order DPA/CPA attacks. We did not detect any significant first-order leakage from the fully protected versions of our implementations. Using one million power traces, we detect second-order leakage from Serpent encryption, while AES encryption second-order leakage is barely detectable. We show that the countermeasures proposed by Sasdrich et al. are, with some modifications, successfully applicable to AES and Serpent.
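As an added illustration (not code from the paper), the fixed-vs-random Welch's t-test underlying the leakage assessment described above, run over constructed traces: an unmasked S-box output leaks its Hamming weight at one sample and is flagged, while the same computation with a fresh random mask per encryption (the effect the reconfiguration-based countermeasure aims for) is not. The trace model, the 4.5 threshold convention and all parameters are assumptions of this example.

```python
import math
import random

# Fixed-vs-random Welch's t-test (TVLA style) on constructed power traces.
# Trace model (an assumption): Gaussian noise plus, at one sample, a term
# proportional to the Hamming weight of an 8-bit S-box output.

THRESHOLD = 4.5  # conventional |t| bound for reporting first-order leakage

def hamming_weight(x):
    return bin(x).count("1")

def welch_t(group_a, group_b):
    """Per-sample Welch's t statistic between two sets of equal-length traces."""
    n_a, n_b = len(group_a), len(group_b)
    t_values = []
    for i in range(len(group_a[0])):
        xa = [tr[i] for tr in group_a]
        xb = [tr[i] for tr in group_b]
        mean_a, mean_b = sum(xa) / n_a, sum(xb) / n_b
        var_a = sum((x - mean_a) ** 2 for x in xa) / (n_a - 1)
        var_b = sum((x - mean_b) ** 2 for x in xb) / (n_b - 1)
        denom = math.sqrt(var_a / n_a + var_b / n_b)
        t_values.append((mean_a - mean_b) / denom if denom > 0 else 0.0)
    return t_values

def leaky_samples(t_values, threshold=THRESHOLD):
    """Sample indices where |t| exceeds the threshold."""
    return [i for i, t in enumerate(t_values) if abs(t) > threshold]

def simulate_group(value_fn, n_traces, n_samples, leak_index, amplitude, rng):
    """Constructed traces: noise plus amplitude * HW(intermediate) at leak_index."""
    traces = []
    for _ in range(n_traces):
        tr = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]
        tr[leak_index] += amplitude * hamming_weight(value_fn())
        traces.append(tr)
    return traces

def assess(masked, amplitude=0.5, n_traces=500, n_samples=20, leak_index=7, seed=1):
    """Run the fixed-vs-random test and return the leaking sample indices.
    With masked=True every processed byte is XORed with a fresh random mask."""
    rng = random.Random(seed)
    fixed_byte = 0x00
    def mask():
        return rng.randrange(256) if masked else 0
    fixed = simulate_group(lambda: fixed_byte ^ mask(), n_traces, n_samples, leak_index, amplitude, rng)
    rand = simulate_group(lambda: rng.randrange(256) ^ mask(), n_traces, n_samples, leak_index, amplitude, rng)
    return leaky_samples(welch_t(fixed, rand))
```

Calling assess(masked=False) reports sample 7 as leaking, while assess(masked=True) reports no sample, since both groups then process uniformly distributed masked bytes.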

[1] S. K. Nandy et al. REDEFINE: Runtime reconfigurable polymorphic ASIC, 2009, TECS.

[2] Vincent Rijmen et al. Threshold Implementations Against Side-Channel Attacks and Glitches, 2006, ICICS.

[3] Thomas S. Messerges et al. Using Second-Order Power Analysis to Attack DPA Resistant Software, 2000, CHES.

[4] François-Xavier Standaert et al. Security analysis of higher-order Boolean masking schemes for block ciphers (with conditions of perfect masking), 2008, IET Inf. Secur.

[5] Tim Güneysu et al. Achieving side-channel protection with dynamic logic reconfiguration on modern FPGAs, 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[6] Ranjani Narayan et al. A Flexible Crypto-system Based upon the REDEFINE Polymorphic ASIC Architecture, 2012.

[7] Andrey Bogdanov et al. PRESENT: An Ultra-Lightweight Block Cipher, 2007, CHES.

[8] Jean-Jacques Quisquater et al. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards, 2001, E-smart.

[9] Emmanuel Prouff et al. Masking against Side-Channel Attacks: A Formal Security Proof, 2013, EUROCRYPT.

[10] Pankaj Rohatgi et al. Towards Sound Approaches to Counteract Power-Analysis Attacks, 1999, CRYPTO.

[11] Christophe Clavier et al. Correlation Power Analysis with a Leakage Model, 2004, CHES.

[12] François-Xavier Standaert et al. How (not) to Use Welch's T-test in Side-Channel Security Evaluations, 2018, IACR Cryptol. ePrint Arch.

[13] Paul C. Kocher et al. Differential Power Analysis, 1999, CRYPTO.

[14] Alexandre Yakovlev et al. Design and analysis of dual-rail circuits for security applications, 2005, IEEE Transactions on Computers.

[15] Ingrid Verbauwhede et al. Power and Fault Analysis Resistance in Hardware through Dynamic Reconfiguration, 2008, CHES.

[16] Amir Moradi et al. Leakage Assessment Methodology - A Clear Roadmap for Side-Channel Evaluations, 2015, CHES.

[17] Hendra Guntur et al. Side-channel AttacK User Reference Architecture board SAKURA-G, 2014, 2014 IEEE 3rd Global Conference on Consumer Electronics (GCCE).

[18] Elaine B. Barker et al. Report on the Development of the Advanced Encryption Standard (AES), 2001, Journal of Research of the National Institute of Standards and Technology.

[19] Frank M. Brown et al. Boolean Reasoning - The Logic of Boolean Equations, 1990.