DPA resistance for light-weight implementations of cryptographic algorithms on FPGAs
ABSTRACT Recent advances in field programmable gate array (FPGA) technology are bound to make FPGAs a popular platform for battery powered devices. Many applications of such devices are mission critical and require the use of cryptographic algorithms to provide the desired security. However, differential power analysis (DPA) attacks pose a sever threat against otherwise secure cryptographic implementations. Current techniques to defend against DPA attacks such as dynamic differential logic (DDL) lead to an increase in area consumption of factor five or more. In this paper we show that moderate security against DPA attacks can be achieved for FPGAs using DDL resulting in an area increase of not much more than a factor two over standard FPGA implementations. Our design flow requires only FPGA design tools and some scripts.
- [Show abstract] [Hide abstract]
ABSTRACT: Security at low cost is an important factor for cryptographic hardware implementations. Unfortunately, the security of cryptographic implementations is threatened by Side Channel Analysis (SCA). SCA attempts to discover the secret key of a device by exploiting implementation characteristics and bypassing the algorithm's mathematical security. Differential Power Analysis (DPA) is a type of SCA, which exploits the device's power consumption characteristics. Several countermeasures to DPA have been proposed, however, all of them increase security at the cost of increased area which in-turn leads to increased power consumption and reduced throughput. FPGAs are popular due to their reconfigurability, lower development cost, off-the-shelf availability and shorter time to market. Block RAMs (BRAM) are large memories in FPGAs that are commonly used as ROM, FIFO, Look-up tables, etc. In this paper we explore the DPA resistance of BRAMs in Xilinx FPGAs and verify if their usage can improve the security. The results of our Advanced Encryption Standard (AES) implementations show that using BRAMs alone can improve the security over a look-up table (LUT) only design 9 times. Applying Separated Dynamic Differential Logic (SDDL) for FPGAs, a countermeasure against DPA, to this design doubles the security again leading to an 18 fold increase over the unprotected LUT design.ReConFig'10: 2010 International Conference on Reconfigurable Computing and FPGAs, Cancun, Quintana Roo, Mexico, 13-15 December 2010, Proceedings; 01/2010
Conference Paper: DPA Resistant AES on FPGA Using Partial DDL.[Show abstract] [Hide abstract]
ABSTRACT: Current techniques to implement Dynamic Differential Logic (DDL), a countermeasure against Differential Power Analysis (DPA) on Field Programmable Gate Arrays (FPGAs) lead to an increase in area consumption of up to factor 11. In this paper we introduce Partial DDL, a technique in which DDL is applied only to a part of the cryptographic hardware implementation. We propose principle rules for Partial DDL to guide the designer in how to split up a circuit into DDL protected and unprotected paths. In order to validate our approach we implemented a lightweight architecture of AES in the Partial Separated Dynamic Differential Logic (Partial SDDL) for FPGAs. The results show that our implementation with Partial SDDL is as resistant to DPA as a full SDDL implementation while it consumes only 76% of the total area occupied by the full SDDL design. This is an area increase of 2.3 times over an unprotected single ended design.18th IEEE Annual International Symposium on Field-Programmable Custom Computing Machines, FCCM 2010, Charlotte, North Carolina, USA, 2-4 May 2010; 01/2010
- [Show abstract] [Hide abstract]
ABSTRACT: Block RAMs (BRAMs) are commonly used by implementations of cryptographic algorithms on Field Programmable Gate Arrays (FPGAs). Unfortunately, any hardware implementation of a cryptographic function is susceptible to differential power analysis (DPA) attacks unless it is protected. Dynamic and Differential Logic (DDL), a constant power consumption logic style, is the most popular and successful defense method against DPA attacks. The required Measurements to Disclosure (MTD) of the key has been shown to be larger than the life period of the secret key in most systems. DDL implementations on FPGAs proposed till date incur a large area overhead. In this paper we show that BRAMs can be used within a DDL design without compromising its security. We propose and analyze several implementation techniques for using BRAMs in DDL designs. Our results show that such DDL implementations increase the MTDs by a factor 4 over unprotected designs which use BRAMs and by a factor 2.5 over DDL implementations which do not use BRAMs.17th IEEE International Conference on Electronics, Circuits, and Systems, ICECS 2010, Athens, Greece, 12-15 December, 2010; 01/2010