Power Side Channels in Security ICs: Hardware Countermeasures

Power side-channel attacks are a highly effective cryptanalysis technique that can infer the secret keys of security ICs by monitoring their power consumption. Since practical attacks emerged in the late 90s, they have been a major threat to many devices equipped with cryptography, including smart cards, encrypted FPGA designs, and mobile phones. In response, designers and manufacturers of cryptographic devices have developed various countermeasures, and attack methods have in turn evolved to defeat resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight the vulnerabilities exposed in hardware-based countermeasures so that future implementations can be made more secure.
