Implementation of DPA-Resistant Circuit for FPGA

Yu, Pengyuan

16 May 2007

In current Field-Programmable-Logic Architecture (FPGA) design flows, it is very hard to control the routing of submodules. It is thus very hard to make an identical copy of an existing circuit within the same FPGA fabric. We have solved this problem in a way that still enables us to modify the logic function of the copied submodule. Our technique has important applications in the design of side-channel resistant implementations in FPGA. Starting from an existing single-ended design, we are able to create a complementary circuit. The resulting overall circuit strongly reduces the power-consumption-dependent information leaks. We will show all the necessary steps needed to implement secure circuits on a FPGA, from initial design stage all the way to verification of the level of security through laboratory measurements. We show that the direct mapping of a secure ASIC circuit-style in an FPGA does not preserve the same level of security, unless our symmetrical routing technique is employed. We demonstrate our approach on an FPGA prototype of a cryptographic design, and show through power-measurements followed by side-channel power analysis that secure logic implemented with our approach is resistant whereas non-routing-aware directly mapped circuit can be successfully attacked. / Master of Science

Differential Power Analysis

Secure Circuit

Field programmable gate arrays

Design Techniques for Side-channel Resistant Embedded Software

Sinha, Ambuj Sudhir

25 August 2011

Side Channel Attacks (SCA) are a class of passive attacks on cryptosystems that exploit implementation characteristics of the system. Currently, a lot of research is focussed towards developing countermeasures to side channel attacks. In this thesis, we address two challenges that are an inherent part of the efficient implementation of SCA countermeasures. While designing a system, design choices made for enhancing the efficiency or performance of the system can also affect the side channel security of the system. The first challenge is that the effect of different design choices on the side channel resistance of a system is currently not well understood. It is important to understand these effects in order to develop systems that are both secure and efficient. A second problem with incorporating SCA countermeasures is the increased design complexity. It is often difficult and time consuming to integrate an SCA countermeasure in a larger system. In this thesis, we explore that above mentioned problems from the point of view of developing embedded software that is resistant to power based side channel attacks. Our first work is an evaluation of different software AES implementations, from the perspective of side channel resistance, that shows the effect of design choices on the security and performance of the implementation. Next we present work that identifies the problems that arise while designing software for a particular type of SCA resistant architecture - the Virtual Secure Circuit. We provide a solution in terms of a methodology that can be used for developing software for such a system - and also demonstrate that this methodology can be conveniently automated - leading to swifter and easier software development for side channel resistant designs. / Master of Science

Bitslice Cryptography

Side Channel Attacks

Virtual Secure Circuit

Secure Embedded Systems

Side-channel Countermeasures

SCA-Resistant and High-Performance Embedded Cryptography Using Instruction Set Extensions and Multi-Core Processors

Chen, Zhimin

28 July 2011

Nowadays, we use embedded electronic devices in almost every aspect of our daily lives. They represent our electronic identity; they store private information; they monitor health status; they do confidential communications, and so on. All these applications rely on cryptography and, therefore, present us a research objective: how to implement cryptography on embedded systems in a trustworthy and efficient manner. Implementing embedded cryptography faces two challenges - constrained resources and physical attacks. Due to low cost constraints and power budget constraints, embedded devices are not able to use high-end processors. They cannot run at extremely high frequencies either. Since most embedded devices are portable and deployed in the field, attackers are able to get physical access and to mount attacks as they want. For example, the power dissipation, electromagnetic radiation, and execution time of embedded cryptography enable Side-Channel Attacks (SCAs), which can break cryptographic implementations in a very short time with a quite low cost. In this dissertation, we propose solutions to efficient implementation of SCA-resistant and high-performance cryptographic software on embedded systems. These solutions make use of two state-of-the-art architectures of embedded processors: instruction set extensions and multi-core architectures. We show that, with proper processor micro-architecture design and suitable software programming, we are able to deliver SCA-resistant software which performs well in security, performance, and cost. In comparison, related solutions have either high hardware cost or poor performance or low attack resistance. Therefore, our solutions are more practical and see a promising future in commercial products. Another contribution of our research is the proper partitioning of the Montgomery multiplication over multi-core processors. Our solution is scalable over multiple cores, achieving almost linear speedup with a high tolerance to inter-core communication delays. We expect our contributions to serve as solid building blocks that support secure and high-performance embedded systems. / Ph. D.

embedded systems

embedded security

virtual secure circuit

cryptography

pSHS

side-channel attack

parallel Montgomery multiplication