Conference Paper

Updates on the Security of FPGAs Against Power Analysis Attacks

DOI: 10.1007/11802839_42 Conference: Reconfigurable Computing: Architectures and Applications, Second International Workshop, ARC 2006, Delft, The Netherlands, March 1-3, 2006, Revised Selected Papers
Source: DBLP


This paper reports on the security of cryptographic algorithms implemented on FPGAs against power analysis attacks. We first
present some improved experiments against these reconfigurable devices, due to an improved measurement process. Although it
is usually believed that FPGAs are noisy targets for such attacks, it is shown that simple power consumption models can nearly
perfectly correlate with actual measurements. Then, we evaluate how these correlation values depend on the resources used
in the FPGAs. Finally, we investigate the possibility to counteract these attacks by using random pre-charges in the devices
and determine how this technique allows a designer to increase the security of an implementation. These results confirm that
side-channel attacks present a serious threat for most microelectronic devices, including FPGAs. To conclude, we discuss the
security vs. efficiency tradeoffs.

Download full-text


Available from: François-Xavier Standaert, Dec 16, 2013
  • Source
    • "These attacks are based on monitoring a physical quantity and applying statistical analysis to extract confidential information from extremely noisy signals. Many research works focused particularly on studying Differential Power Attack (DPA) [2] [3] [4] [5] [6] and have proposed multiple countermeasure techniques at different levels: algorithmic, system and logic [7] [8]. "
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents FPGA implementation and overhead evaluation for an algorithmic DPA countermeasure for advanced encryption standard AES. To reduce implementation overhead the masked compact S-Box, proposed by Canright, was chosen to implement a DPA countermeasure on an SRAM FPGA. Obtained results showed that secured AES IP leads to slices number increase by 60,1% and a frequency decrease by 4%.
    Full-text · Conference Paper · Jan 2009
  • Source
    • "The impact of the RTL architecture on the leakage is studied next year [23]. Some improvements, made possible by signal pre-processing (such as filtering and averaging), are presented in [22]. The overall conclusion of these studies is that unprotected implementations of FPGAs are vulnerable to side-channel attacks, even if the dissipation is different from that of ASICs. "
    [Show abstract] [Hide abstract]
    ABSTRACT: FPGAs are often considered for high-end applications that require embedded cryptography. These devices must thus be protected against physical attacks. However, unlike ASICs, in which custom and backend-level counter-measures can be devised, FPGAs offer less possibilities for a designer to implement counter-measures. We investigate "wave dynamic differential logic'' (WDDL), a logic-level counter-measure based on leakage hiding thanks to balanced dual-rail logic. First of all, we report a CAD methodology for achieving WDDL in FPGA. An experimental security evaluation of the DES (or triple-DES) encryption algorithm in WDDL shows that the usage of positive logic is mandatory to resist to straightforward attacks. Second, we discuss how to reduce the size overhead associated with WDDL. The efficiency of some synthesizers is assessed. In the case of DES, we provide with an original heuristic to obtain substitution boxes smaller than those generated automatically with legacy ASIC synthesizers.
    Full-text · Conference Paper · Aug 2008
  • Source
    • "Most of these papers are related to smart card implementations of the AES block cipher. Other papers analyze ASIC and FPGA implementations of AES [2]-[5]. "
    [Show abstract] [Hide abstract]
    ABSTRACT: In this paper, we first investigate the side channel analysis attack resistance of various FPGA hardware implementations of the ARIA block cipher. The analysis is performed on an FPGA test board dedicated to side channel attacks. Our results show that an unprotected implementation of ARIA allows one to recover the secret key with a low number of power or electromagnetic measurements. We also present a masking countermeasure and analyze its second-order side channel resistance by using various suitable preprocessing functions. Our experimental results clearly confirm that second-order differential side channel analysis attacks also remain a practical threat for masked hardware implementations of ARIA.
    Preview · Article · Apr 2008 · Etri Journal
Show more