Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
A Side-Channel Assisted Cryptanalytic Attack Against QcBits Kapitel lesen Erstes Kapitel lesen

2017 | OriginalPaper | Buchkapitel

Your Rails Cannot Hide from Localized EM: How Dual-Rail Logic Fails on FPGAs

verfasst von : Vincent Immler, Robert Specht, Florian Unterstein

Erschienen in: Cryptographic Hardware and Embedded Systems – CHES 2017

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Protecting cryptographic implementations against side-channel attacks is a must to prevent leakage of processed secrets. As a cell-level countermeasure, so called DPA-resistant logic styles have been proposed to prevent a data-dependent power consumption.
As most of the DPA-resistant logic is based on dual-rails, properly implementing them is a challenging task on FPGAs which is due to their fixed architecture and missing freedom in the design tools.
While previous works show a significant security gain when using such logic on FPGAs, we demonstrate this only holds for power-analysis. In contrast, our attack using high-resolution electromagnetic analysis is able to exploit local characteristics of the placement and routing such that only a marginal security gain remains, therefore creating a severe threat.
To further analyze the properties of both attack and implementation, we develop a custom placer to improve the default placement of the analyzed AES S-box. Different cost functions for the placement are tested and evaluated w.r.t. the resulting side-channel resistance on a Spartan-6 FPGA. As a result, we are able to more than double the resistance of the design compared to cases not benefiting from the custom placement.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Fast Leakage Assessment
Nächstes Kapitel How to Break Secure Boot on FPGA SoCs Through Malicious Hardware
Anhänge
Nur mit Berechtigung zugänglich
Fußnoten
1
We omitted results from probes with 100 \(\upmu \)m and 250 \(\upmu \)m due to similarity reasons. In contrast, a probe with 3 mm was almost equivalent to a power-based measurement.
 
2
\(\mathrm {d} = \mathrm {abs}(x_s - x_m) + \mathrm {abs}(y_s - y_m)\), i.e., the rectangular distance over the grid.
 
3
Our results can also be mapped onto BCDL [28] since it is similar to DPLnoEE.
 
4
At a later point in time, \(en_o\) becomes active in order to check the correct functionality of the circuit. This is not covered by the recorded power and EM traces.
 
Literatur
1.
Federal Information Processing Standards Publication (FIPS 197). Advanced Encryption Standard (AES) (2001)
2.
Betz, V., Rose, J.: VPR: A New Packing, Placement and Routing Ttool for FPGA Research
3.
Bhasin, S., Guilley, S., Flament, F., Selmane, N., Danger, J.-L., Evaluation, C.E.: An approach towards robust dual-rail precharge logic. In: WESS 2010, p. 6. ACM (2010)
4.
5.
Cheng, C.-L.E.: RISA: accurate and efficient placement routability modeling. In: Proceedings of the 1994 IEEE/ACM International Conference on Computer-aided Design, ICCAD 1994, Los Alamitos, CA, USA. IEEE Computer Society Press
6.
Cnudde, T.D., Bilgin, B., Gierlichs, B., Nikov, V., Nikova, S., Rijmen, V.: Does coupling affect the security of masked implementations? Cryptology ePrint Archive, Report 2016/1080 (2016)
7.
De Mulder, E., Buysschaert, P., Ors, S., Delmotte, P., Preneel, B., Vandenbosch, G., Verbauwhede, I.: Electromagnetic analysis attack on an FPGA implementation of an elliptic curve cryptosystem. In: The International Conference on Computer as a Tool, EUROCON 2005, vol. 2, pp. 1879–1882, November 2005
8.
Durvaux, F., Standaert, F.-X.: From improved leakage detection to the detection of points of interests in leakage traces. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 240–262. Springer, Heidelberg (2016). doi:10.​1007/​978-3-662-49890-3_​10 CrossRef
9.
Giechaskiel, I., Eguro, K.: Information Leakage Between FPGA Long Wires. CoRR (2016)
10.
11.
Guilley, S., Hoogvorst, P., Mathieu, Y., Pacalet, R.: The “Backend Duplication” method. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 383–397. Springer, Heidelberg (2005). doi:10.​1007/​11545262_​28 CrossRef
12.
Güneysu, T., Moradi, A.: Generic side-channel countermeasures for reconfigurable devices. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 33–48. Springer, Heidelberg (2011). doi:10.​1007/​978-3-642-23951-9_​3 CrossRef
13.
He, W., de la Torre, E., Riesgo, T.: A precharge-absorbed DPL logic for reducing early propagation effects on FPGA implementations. In: ReConFig 2011. IEEE Computer Society (2011)
14.
He, W., Herrmann, A.: Placement security analysis for side-channel resistant dual-rail scheme in FPGA. In: Proceedings of the Second Workshop on Cryptography and Security in Computing Systems, CS2 2015 (2015)
15.
He, W., Otero, A., de la Torre, E., Riesgo, T.: Automatic generation of identical routing pairs for FPGA implemented DPL logic. In: ReConFig 2012. IEEE (2012)
16.
Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006). doi:10.​1007/​11767480_​16 CrossRef
17.
Heyszl, J., Mangard, S., Heinz, B., Stumpf, F., Sigl, G.: Localized electromagnetic analysis of cryptographic implementations. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 231–244. Springer, Heidelberg (2012). doi:10.​1007/​978-3-642-27954-6_​15 CrossRef
18.
Heyszl, J., Merli, D., Heinz, B., Santis, F., Sigl, G.: Strengths and limitations of high-resolution electromagnetic field measurements for side-channel analysis. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 248–262. Springer, Heidelberg (2013). doi:10.​1007/​978-3-642-37288-9_​17 CrossRef
19.
Kaps, J.-P., Velegalati, R.: DPA resistant AES on FPGA using partial DDL. In: FCCM 2010, pp. 273–280. IEEE Computer Society (2010)
20.
21.
Lavin, C., Padilla, M., Lamprecht, J., Lundrigan, P., Nelson, B., Hutchings, B., Wirthlin, M.: Rapidsmith - a library for low-level manipulation of partially placed-and-routed FPGA designs. Technical report, Brigham Young University, September 2012
22.
Lomné, V., Maurine, P., Torres, L., Robert, M., Soares, R., Calazans, N.: Evaluation on FPGA of triple rail logic robustness against DPA and DEMA. In: DATE 2009, pp. 634–639. IEEE (2009)
23.
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, New York (2007)MATH
24.
Mangard, S., Schramm, K.: Pinpointing the side-channel leakage of masked AES hardware implementations. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76–90. Springer, Heidelberg (2006). doi:10.​1007/​11894063_​7 CrossRef
25.
Moradi, A., Eisenbarth, T., Poschmann, A., Paar, C.: Power analysis of single-rail storage elements as used in MDPL. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 146–160. Springer, Heidelberg (2010). doi:10.​1007/​978-3-642-14423-3_​11 CrossRef
26.
Moradi, A., Immler, V.: Early propagation and imbalanced routing, How to diminish in FPGAs. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 598–615. Springer, Heidelberg (2014). doi:10.​1007/​978-3-662-44709-3_​33
27.
Nam, G.-J., Villarrubia, P.G.: Placement: introduction/problem formulation. In: Alpert, C.J., Mehta, D.P., Sapatnekar, S.S. (eds.) Handbook of Algorithms for Physical Design Automation, 1st edn, pp. 277–287. Auerbach Publications, Boca Raton (2008)
28.
Nassar, M., Bhasin, S., Danger, J.-L., Duc, G., Guilley, S.: BCDL: a high speed balanced DPL for FPGA with global precharge and no early evaluation. In: DATE 2010, pp. 849–854. IEEE (2010)
29.
Nikova, S., Rijmen, V., Schläffer, M.: Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptol. 24(2), 292–321 (2011)MathSciNetCrossRefMATH
30.
Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A side-channel analysis resistant description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005). doi:10.​1007/​11502760_​28 CrossRef
31.
Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and electromagnetic analysis: improved model, consequences and comparisons. Integr. VLSI J. 40, 52–60 (2007)CrossRef
32.
Quisquater, J.-J., Samyde, D.: ElectroMagnetic analysis (EMA): measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001). doi:10.​1007/​3-540-45418-7_​17 CrossRef
33.
Sauvage, L., Guilley, S., Danger, J.-L., Mathieu, Y., Nassar, M.: Successful attack on an FPGA-based WDDL DES cryptoprocessor without place and route constraints. In: Proceedings of the Conference on Design, Automation and Test in Europe, DATE 2009 (2009)
34.
Sauvage, L., Nassar, M., Guilley, S., Flament, F., Danger, J.-L., Mathieu, Y.: DPL on stratix II FPGA: What to expect? In: ReConFig 2009, pp. 243–248. IEEE Computer Society (2009)
35.
Specht, R., Heyszl, J., Kleinsteuber, M., Sigl, G.: Improving non-profiled attacks on exponentiations based on clustering and extracting leakage from multi-channel high-resolution EM measurements. In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 3–19. Springer, Cham (2015). doi:10.​1007/​978-3-319-21476-4_​1 CrossRef
36.
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). doi:10.​1007/​978-3-642-01001-9_​26 CrossRef
37.
Suzuki, D., Saeki, M.: Security evaluation of DPA countermeasures using dual-rail pre-charge logic style. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 255–269. Springer, Heidelberg (2006). doi:10.​1007/​11894063_​21 CrossRef
38.
Swartz, W.: Placement using simulated annealing. In: Alpert, C.J., Mehta, D.P., Sapatnekar, S.S. (eds.) Handbook of Algorithms for Physical Design Automation, pp. 311–325. Auerbach Publications, Baco Raton (2008)
39.
Tiri, K., Hwang, D., Hodjat, A., Lai, B.-C., Yang, S., Schaumont, P., Verbauwhede, I.: Prototype IC with WDDL and differential routing – DPA resistance assessment. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 354–365. Springer, Heidelberg (2005). doi:10.​1007/​11545262_​26 CrossRef
40.
Tiri, K., Verbauwhede, I.: A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In: DATE 2004, pp. 246–251. IEEE Computer Society (2004)
41.
Tiri, K., Verbauwhede, I.: Place and route for secure standard cell design. In: CARDIS 2004, pp. 143–158. Kluwer (2004)
42.
Unterstein, F., Heyszl, J., De Santis, F., Specht, R.: Dissecting leakage resilient PRFs with multivariate localized em attacks - a practical security evaluation on FPGA. In: Constructive Side-Channel Analysis and Secure Design: 8th International Workshop, April 13–14, 2017, Paris, France. Springer International Publishing (2017)
43.
Wild, A., Moradi, A., Güneysu, T.: GliFreD: Glitch-Free Duplication - Towards Power-Equalized Circuits on FPGAs (2015)
44.
Yu, P., Schaumont, P.: Secure FPGA circuits using controlled placement and routing. In: CODES+ISSS 2007, pp. 45–50. ACM (2007)
Metadaten
Titel
Your Rails Cannot Hide from Localized EM: How Dual-Rail Logic Fails on FPGAs
verfasst von
Vincent Immler
Robert Specht
Florian Unterstein
Copyright-Jahr
2017
Buch
Cryptographic Hardware and Embedded Systems – CHES 2017

Print ISBN: 978-3-319-66786-7

Electronic ISBN: 978-3-319-66787-4

Copyright-Jahr: 2017

DOI
https://doi.org/10.1007/978-3-319-66787-4_20