Physical attacks focus on extracting information from internal parts of IC's. One way to achieve this is by means of connecting probes to wires, so that the content of internal buses and registers can be revealed. Protection against this type of attacks exists, but usually is bulky and expensive, e.g. the shielding of secured areas. This paper presents a novel in-circuit countermeasure that is cheap and can easily be integrated in existing designs to detect probing attempts. It is based on a ring oscillator that operates over coupled lines in a differential mode. When the loading of one of the lines is unbalanced over a tolerance margin, an impulse is generated and integrated over time. If the integration surpasses a given threshold an alarm signal is activated. Simulations show the stability of the detector over a range of temperature and supply voltage variations
In this paper, we present a new scan-path structure for improving the security of systems including scan paths, which normally introduce a security critical information leak channel into a design. Our structure, named differential scan path (DiSP), divides the internal state of the scan path in two sections. During the shift-out operation, only subtraction of the two sections is provided. Inferring the internal state from this subtraction requires much guesswork that increases exponen-tially with scan path length while the resulting fault coverage is only marginally altered. Subtraction does not preserve parity, thus avoiding attacks using parity information. The structure is simple, needs little area and does not require unlocking keys. Through implementing the DiSP in an elliptic curve crypto-graphic coprocessor, we demonstrate how easily it can be inte-grated into existing design tools. Simulations show that test effectiveness is preserved and that the internal state is effec-tively hidden.Postprint (published version
The recent trend to connect a plethora of sensors, embedded and ubiquitous systems with low computing power, in short the rise of the Internet of Things, has created a great demand for compact, lightweight and cheap to produce implementations of cryptographic primitives. One approach to meet this demand is the development and standardisation of new tailored primitives, most prominently PRESENT. Yet, the wide proliferation of the Advanced Encryption Standard and the trust it earned through its long history of withstanding cryptanalysis spurred anew the search for small, lightweight implementations of AES. Among the smallest published architectures is the AtomicAES design by Banik et al. , who reported a design size of just over 2000 GE.Here we present a new 8-bit serial architecture that has been designed from careful observation of the minimum required connections between storage elements to support all dataflows required for execution of the algorithm. While we reach similar conclusions to previous publications, the new architecture enables us to push the area requirement for a fully featured AES primitive further down by more than 8% from the area requirement of AtomicAES while offering more functionality. Along the way we also answer in the affirmative the open question whether the AES reverse keyschedule can be implemented with negligible hardware overhead based on the forward keyschedule. Our design sets a new record for an 8-bit serial architecture with full functionality for encryption and decryption including the keyschedule, as well as for a sole encryption architecture. Furthermore our design is flexible enough to allow scaling the S-Box architecture from single-cycle to multi-stage pipelined approaches as are required for high operation frequencies or for protection against side-channel attacks. We demonstrate this by instantiating the design with a serial version of the S-Box to reduce the area requirement even further.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.