-
[show abstract]
[hide abstract]
ABSTRACT: Side-Channel Analysis used for codebreaking could be used constructively as a
probing tool for internal gates in integrated circuits. This paper outlines
basic methods and mathematics for that purpose
03/2011;
-
[show abstract]
[hide abstract]
ABSTRACT: This article presents an asynchronous FPGA architecture for implementing
cryptographic algorithms secured against physical cryptanalysis. We discuss the
suitability of asynchronous reconfigurable architectures for such applications
before proceeding to model the side channel and defining our objectives. The
logic block architecture is presented in detail. We discuss several solutions
for the interconnect architecture, and how these solutions can be ported to
other flavours of interconnect (i.e. single driver). Next We discuss in detail
a high speed asynchronous configuration chain architecture used to configure
our asynchronous FPGA with simulation results, and we present a 3 X 3 prototype
FPGA fabricated in 65 nm CMOS. Lastly we present experiments to test the high
speed asynchronous configuration chain and evaluate how far our objectives have
been achieved with proposed solutions, and we conclude with emphasis on
complementary FPGA CAD algorithms, and the effect of CMOS variation on
Side-Channel Vulnerability.
03/2011;
-
[show abstract]
[hide abstract]
ABSTRACT: Cryptographic circuits are subject to sneak attacks that target directly their implementation. So-called side-channel analyses consist in observing dynamic circuit emanations in order to derive information about the secrets it conceals. Clock-less logic styles natively make side-channel attacks difficult, because of the absence of timing references for the algorithm beginning or ending. We present two ways to implement secure clock-less cryptographic circuits. The first one is based on a local synchronization at the gate level, and helps achieving close to constant emanations. The second one is more audacious as it is based merely on removing all synchronization. This approach proves to be very promising in terms of protection against side-channel attacks, while keeping a reasonable overhead both in terms of cost and performance.
16th IEEE International Conference on Electronics, Circuits, and Systems, ICECS 2009, Yasmine Hammamet, Tunesia, 13-19 December, 2009; 01/2009
-
[show abstract]
[hide abstract]
ABSTRACT: Side-channel attacks are efficient attacks against cryptographic devices. They use only quantities observable from outside, such as the duration and the power consumption. Attacks against synchronous devices using electric observations are facilitated by the fact that all transitions occur simultaneously with some global clock signal. Asynchronous control remove this synchronization and therefore makes it more difficult for the attacker to insulate \emph{interesting intervals}. In addition the coding of data in an asynchronous circuit is inherently more difficult to attack. This article describes the Programmable Logic Block of an asynchronous FPGA resistant against \emph{side-channel attacks}. Additionally it can implement different styles of asynchronous control and of data representation.
10/2008;
-
[show abstract]
[hide abstract]
ABSTRACT: Power-constant logic styles are promising solutions to counter-act side-channel attacks on sensitive cryptographic devices. Recently, one vulnerability has been identified in a standard-cell based power-constant logic called WDDL. Another logic, nicknamed SecLib, is considered and does not present the flaw of WDDL. In this paper, we evaluate the security level of WDDL and SecLib. The methodology consists in embedding in a dedicated circuit one unprotected DES co-processor along with two others, implemented in WDDL and in SecLib. One essential part of this article is to describe the conception of the cryptographic ASIC, devised to foster side-channel cryptanalyses, in a view to model the strongest possible attacker. The same analyses are carried out successively on the three DES modules. We conclude that, provided the backend of the WDDL module is carefully designed, its vulnerability cannot be exploited by the state-of-the-art attacks. Similarly, the SecLib DES module resists all assaults. However, using a principal component analysis, we show that WDDL is more vulnerable than SecLib. The statistical dispersion of WDDL, that reflects the correlation between the secrets and the power dissipation, is proved to be an order of magnitude higher than that of SecLib.
IEEE Transactions on Computers 07/2008; 57:1482-1497. · 1.10 Impact Factor
-
Proceedings of the 45th Design Automation Conference, DAC 2008, Anaheim, CA, USA, June 8-13, 2008; 01/2008
-
Proceedings of the ACM/SIGDA 16th International Symposium on Field Programmable Gate Arrays, FPGA 2008, Monterey, California, USA, February 24-26, 2008; 01/2008
-
IEEE Trans. Computers. 01/2008; 57:1482-1497.
-
Reconfigurable Computing: Architectures, Tools and Applications, 4th International Workshop, ARC 2008, London, UK, March 26-28, 2008. Proceedings; 01/2008
-
Proceedings of the 3rd International Workshop on Reconfigurable Communication-centric Systems-on-Chip, ReCoSoC 2007, Montpellier, France, June 2007; 01/2007
-
[show abstract]
[hide abstract]
ABSTRACT: The run-time reconfigurable (RTR) feature is highly desirable for flexible and fast self-contained systems. RTR can be achieved on some commercial FPGA platforms. We propose an open solution, called FASE that allows for fine-grain RTR, designed to be more intuitive than currently available solutions. The issues of initializing RTR soft IP-cores and a design flow to manage the dynamics of RTR are presented. In the context of secure embedded systems, there is a need for both flexibility and tamper-resistance. However, the robustness level for security constraints is difficult to get and to prove because of the proprietary hidden structures. The FASE architecture addresses these issues. It makes it possible for any designer to implement custom and arbitrary dynamic strategies. We illustrate two case studies: an implementation-level counter-measure against side-channel attacks and an efficient strategy to thwart fault injection attacks against cryptographic functions
Reconfigurable Computing and FPGA's, 2006. ReConFig 2006. IEEE International Conference on; 10/2006
-
[show abstract]
[hide abstract]
ABSTRACT: Résumé Cet article présente la loi de Rent en tant qu'outil théorique d'analyse et de prédiction pour le place-ment/routage des portes logiques dans un ASIC ou un FPGA. Nous présentons une démonstration analytique de cette loi dans un cas particulier, afin de mieux compren-dre la signification des différentes zones qui apparais-sent dans la courbe de Rent. Les limites fondamentales du placement/routage d'un circuit dans un plan bidimen-sionnel sont examinées. Nou etablissons ensuite une re-lation entre cette approche analytique et l'approche du recuit simulé (couramment utilisé dans la pratique), suivi par une application dans le cadre du placement/routage d'une netlist dans un FPGA.
-
[show abstract]
[hide abstract]
ABSTRACT: Security is not only a matter of cryptographic algorithms robustness but becomes also a question of securing their implementation. P. Kocher's Differential Power Analysis (DPA) is one of the many side-channel attacks that are more and more studied by the security community. Indeed, side-channel attacks (SCA) have proved to be very powerful on cryptographic algorithms such as DES and AES, customarily implemented in a wide variety of devices, ranging from smart-cards or ASICs to FPGAs. Among the proposed countermeasures, the ``dual-rail with precharge logic'' (DPL) aims at hiding information leaked by the circuit by making the power consumption independent of the calculation. However DPL logic could be subject to second order attacks exploiting timing difference between dual nets. In this article, we characterize by simulation, the vulnerability due to timing unbalance in the eight DES substitution boxes implemented in DPL WDDL style. The characterization results in a classification of the nodes according to their timing unbalance. Our results show that the timing unbalance is a major weakness of the WDDL logic, and that it could be used to retrieve the key using a DPA attack. This vulnerability has been experimentally observed on a full DES implementation using WDDL style for Altera Stratix EP1S25 FPGA.
-
[show abstract]
[hide abstract]
ABSTRACT: Straightforward implementations of cryptographic algorithms are known to be vulnerable to attacks aimed not at the mathematical structure of the cipher but rather at the weak points of the electronic devices which implement it. These attacks, known as side-channel attacks, have proved to be very powerful in retrieving secret keys from any kind of unprotected electronic device. Amongst the various protection strategies, side-channel hiding is very popular and well studied. The principle of information hiding is to make any leak constant, thus uncorrelated to the device internal secrets. The so-called “dual-rail with precharge logic” (DPL) style is indicated to achieve that goal. For DPL protection to be effective, it further requires a carefully balanced layout so as to obtain equal propagation delays and power consumption on both rails. In this article, we study to which extent the differential place-and-route constraints must be strict in FPGA technology. We describe placement techniques suitable for Xilinx and Altera FPGAs, and quantify the gain of balance they confer. On the one hand, we observed that Xilinx fitting tool achieves naturally good balancing results. On the other hand, the symmetry can be greatly improved with Altera devices, using a manual placement, leading to unprecedented dual netlists balancing.
Hardware-Oriented Security and Trust, IEEE International Workshop on.
