Early Propagation and Imbalanced Routing, How to Diminish in FPGAs

This work deals with DPA-resistant logic styles, i.e., cell-level countermeasures against power analysis attacks that are known as a serious threat to cryptographic devices. Early propagation and imbalanced routings are amongst the well-known issues of such countermeasures, that --- if not considered during the design process --- can cause the underlying cryptographic device to be vulnerable to certain attacks. Although most of the DPA-resistant logic styles target an ASIC design process, there are a few attempts to apply them in an FPGA platform. This is due to the missing freedom in FPGA design tools required to deal with the aforementioned problems. Our contribution in this work is to provide solutions for both early propagation and imbalanced routings considering a modern Xilinx FPGA as the target platform. Foremost, based on the WDDL concept we design a new FPGA-based logic style without early propagation in both precharge and evaluation phases. Additionally, with respect to the limited routing resources within an FPGA we develop a customized router to find the best appropriate dual-rail routes for a given dual-rail circuit. Based on practical experiments on a Virtex-5 FPGA our evaluations verify the efficiency of each of our proposed approaches. They significantly improve the resistance of the design compared to cases not benefiting from our schemes.

[1]  Christof Paar,et al.  Power Analysis of Single-Rail Storage Elements as Used in MDPL , 2009, ICISC.

[2]  Sylvain Guilley,et al.  BCDL: A high speed balanced DPL for FPGA with global precharge and no early evaluation , 2010, 2010 Design, Automation & Test in Europe Conference & Exhibition (DATE 2010).

[3]  Eduardo de la Torre,et al.  Automatic generation of identical routing pairs for FPGA implemented DPL logic , 2012, 2012 International Conference on Reconfigurable Computing and FPGAs.

[4]  Daisuke Suzuki,et al.  Security Evaluation of DPA Countermeasures Using Dual-Rail Pre-charge Logic Style , 2006, CHES.

[5]  Vincent Rijmen,et al.  Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches , 2011, Journal of Cryptology.

[6]  Amir Moradi,et al.  Moments-Correlating DPA , 2016, IACR Cryptol. ePrint Arch..

[7]  Ingrid Verbauwhede,et al.  Place and Route for Secure Standard Cell Design , 2004, CARDIS.

[8]  Zhimin Chen,et al.  Dual-Rail Random Switching Logic: A Countermeasure to Reduce Side Channel Leakage , 2006, CHES.

[9]  Eduardo de la Torre,et al.  A Precharge-Absorbed DPL Logic for Reducing Early Propagation Effects on FPGA Implementations , 2011, 2011 International Conference on Reconfigurable Computing and FPGAs.

[10]  Sylvain Guilley,et al.  The "Backend Duplication" Method , 2005, CHES.

[11]  Stefan Mangard,et al.  Masked Dual-Rail Pre-charge Logic: DPA-Resistance Without Routing Constraints , 2005, CHES.

[12]  Sylvain Guilley,et al.  Countering early evaluation: an approach towards robust dual-rail precharge logic , 2010, WESS '10.

[13]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[14]  Thomas Zefferer,et al.  Evaluation of the Masked Logic Style MDPL on a Prototype Chip , 2007, CHES.

[15]  Jens-Peter Kaps,et al.  Techniques to enable the use of Block RAMs on FPGAS with Dynamic and Differential Logic , 2010, 2010 17th IEEE International Conference on Electronics, Circuits and Systems.

[16]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[17]  Ingrid Verbauwhede,et al.  A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[18]  I. Verbauwhede,et al.  A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards , 2002, Proceedings of the 28th European Solid-State Circuits Conference.

[19]  Jean-Jacques Quisquater,et al.  Information Theoretic Evaluation of Side-Channel Resistant Logic Styles , 2007, CHES.

[20]  Stefan Mangard,et al.  Successfully Attacking Masked AES Hardware Implementations , 2005, CHES.

[21]  Lionel Torres,et al.  Evaluation on FPGA of triple rail logic robustness against DPA and DEMA , 2009, 2009 Design, Automation & Test in Europe Conference & Exhibition.

[22]  Patrick Schaumont,et al.  Secure FPGA circuits using controlled placement and routing , 2007, 2007 5th IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[23]  Jens-Peter Kaps,et al.  DPA Resistant AES on FPGA Using Partial DDL , 2010, 2010 18th IEEE Annual International Symposium on Field-Programmable Custom Computing Machines.

[24]  Sylvain Guilley,et al.  DPL on Stratix II FPGA: What to Expect? , 2009, 2009 International Conference on Reconfigurable Computing and FPGAs.

[25]  Christof Paar,et al.  Masked Dual-Rail Precharge Logic Encounters State-of-the-Art Power Analysis Methods , 2012, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[26]  Tim Güneysu,et al.  Generic Side-Channel Countermeasures for Reconfigurable Devices , 2011, CHES.

[27]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[28]  Stefan Mangard,et al.  An AES Smart Card Implementation Resistant to Power Analysis Attacks , 2006, ACNS.

[29]  David Canright,et al.  A Very Compact S-Box for AES , 2005, CHES.

[30]  Gihwon Kwon,et al.  Efficient CNF Encoding for Selecting 1 from N Objects , 2007 .

[31]  Vincent Rijmen,et al.  A Side-Channel Analysis Resistant Description of the AES S-Box , 2005, FSE.