Side channel attacks can be effectively addressed at the circuit level by using dynamic differential logic styles. A key problem is to guarantee a balanced capacitive load at the differential outputs of the logic gates. The main contribution to this load is the capacitance associated with the routing between cells. This paper describes a novel design methodology to route a design in which multiple differential pairs are present. The methodology is able to route 20K+ differential routes. The differential routes are always routed in adjacent tracks and the parasitic effects between the two wires of each differential pair are balanced. The methodology is developed on top of a commercially available EDA tool. It has been developed as part of a secure digital design flow to protect security applications against Differential Power Analysis attacks. Experimental results indicate that a perfect protection is attainable with the aid of the proposed differential routing strategy.
Abstract. Wave dynamic differential logic combined with differential routing is a working, practical technique to thwart side-channel power attacks. Measurement-based experimental results show that a differential power analysis attack on a prototype IC, fabricated in 0.18µm CMOS, does not disclose the entire secret key of the AES algorithm at 1,500,000 measurement acquisitions. This makes the attack de facto infeasible. The required number of measurements is larger than the lifetime of the secret key in most practical systems.
Unified formulas for computing elliptic curve point addition and doubling are considered to be resistant against simple power-analysis attacks. In this regard, a new elliptic curve formula known as the unified binary Huff curve appeared in the literature in 2011. This paper is devoted to analyzing the applicability of this elliptic curve in practice. Our paper has two contributions. First, we provide an efficient implementation of the unified Huff formula in projective coordinates on FPGA. Secondly, we point out its side-channel vulnerability and show the results of an actual attack. It is claimed that the formula is unified and there will be no power consumption difference when computing point addition and point doubling operations, observable with simple power analysis (SPA). In this paper, we contradict their claim, showing actual SPA results on an FPGA platform, and propose a modified arithmetic and its suitable implementation technique to overcome the vulnerability.
Recent secure cache designs aim to mitigate side-channel attacks by randomizing the mapping from memory addresses to cache sets. As vendors investigate deployment of these caches, it is crucial to understand their actual security. In this paper, we consolidate existing randomization-based secure caches into a generic cache model. We then comprehensively analyze the security of existing designs, including CEASER-S and SCATTERCACHE, by mapping them to instances of this model. We tailor cache attacks for randomized caches using a novel PRIME+PRUNE+PROBE technique, and optimize it using burst accesses, bootstrapping, and multi-step profiling. PRIME+PRUNE+PROBE constructs probabilistic but reliable eviction sets, enabling attacks previously assumed to be computationally infeasible. We also simulate an end-to-end attack, leaking secrets from a vulnerable AES implementation. Finally, a case study of CEASER-S reveals that cryptographic weaknesses in the randomization algorithm can lead to a complete security subversion. Our systematic analysis yields more realistic and comparable security levels for randomized caches. As we quantify how design parameters influence the security level, our work leads to important conclusions for future work on secure cache designs.
Abstract. Security for sensor networks is challenging due to the resource-constrained nature of individual nodes, particularly their energy limitations. However, designing merely for energy savings may not result in a suitable security architecture. This paper investigates the inherent tradeoffs involved between energy, memory, and security robustness in distributed sensor networks. As a driver for the investigation, we introduce an energy-scalable key establishment protocol called cluster key grouping, which takes into account resource limitations in sensor nodes. We then define a metric (the security leakage factor) to quantify security robustness in a system. Finally, a framework called the security-memory-energy (SME) curve is presented that is used to evaluate and quantify the multi-metric tradeoffs involved in security design.
In this paper an AES crypto coprocessor that is fabricated using a 0.18-µm CMOS technology is presented. This crypto coprocessor performs the AES-128 encryption in both feedback and nonfeedback modes of operation. A maximum throughput of 3.84 Gbits/s is achieved at a 330 MHz clock frequency for ECB, OFB, and CBC modes of operation. This crypto coprocessor can be programmed using the memory-mapped interface of an embedded CPU core and is tested using a LEON 32-bit (SPARC V8) processor in the ThumbPod secure system-on-chip.
A Charge Recycling Sense Amplifier Based Logic is presented. This logic is derived from the Sense Amplifier Based Logic, which is a logic style with signal independent power consumption. It has been proven previously to protect security devices such as Smart Cards against power attacks. Experimental results show that the use of advanced circuit techniques, which enable charge recycling and intermediate precharge voltages, saves 20% in power consumption and 63% in peak supply current and that the logic style preserves the energy masking behavior of the Sense Amplifier Based Logic.
This paper presents simple (SEMA) and differential (DEMA) electromagnetic analysis attacks on an FPGA implementation of an elliptic curve processor. Elliptic curve cryptography is a public key cryptosystem that is becoming increasingly popular. Implementations of cryptographic algorithms should not only be fast, compact and power efficient, but they should also resist side channel attacks. One of the side channels is the electromagnetic radiation out of an integrated circuit. Hence it is very important to assess the vulnerability of implementations of cryptosystems against these attacks. A SEMA attack on an unprotected implementation can find all the key bits with only one measurement. We also describe a DEMA attack on an improved implementation and demonstrate that a correlation analysis requires 1000 measurements to find the key bits.