Random clocking induced DPA attack immunity in FPGAs

Zafar, Y.; Park, Jihan; Har, Dongsoo

doi:10.1109/icit.2010.5472570

Cited by 11 publications

(4 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Random insertion of dummy instructions and random shuffling are such methods. Other countermeasures include randomization of power consumption [Shamir 2000;Benini et al 2003], randomly changing clock frequency [Zafar et al 2010], boolean and arithmetic masking [Coron and Goubin 2000;Akkar and Giraud 2001;Blömer et al 2004;Oswald et al 2005], protected logic styles [Tiri et al 2002;Tiri and Verbauwhede 2004;Toprak and Leblebici 2005], etc. All of these countermeasures increase the effort to mount a successful attack but do not guarantee a perfect protection against side-channel attacks.…”

Section: Side-channel Attacks and Related Workmentioning

confidence: 99%

An architecture-independent instruction shuffler to protect against side-channel attacks

Bayrak

Velickovic

Ienne

et al. 2012

ACM Trans. Archit. Code Optim.

View full text Add to dashboard Cite

Embedded cryptographic systems, such as smart cards, require secure implementations that are robust to a variety of low-level attacks. Side-Channel Attacks (SCA) exploit the information such as power consumption, electromagnetic radiation and acoustic leaking through the device to uncover the secret information. Attackers can mount successful attacks with very modest resources in a short time period. Therefore, many methods have been proposed to increase the security against SCA. Randomizing the execution order of the instructions that are independent, i.e., random shuffling, is one of the most popular among them. Implementing instruction shuffling in software is either implementation specific or has a significant performance or code size overhead. To overcome these problems, we propose in this work a generic custom hardware unit to implement random instruction shuffling as an extension to existing processors. The unit operates between the CPU and the instruction cache (or memory, if no cache exists), without any modification to these components. Both true and pseudo random number generators are used to dynamically and locally provide the shuffling sequence. The unit is mainly designed for in-order processors, since the embedded devices subject to these kind of attacks use simple in-order processors. More advanced processors (e.g., superscalar, VLIW or EPIC processors) are already more resistant to these attacks because of their built-in ILP and wide word size. Our experiments on two different soft in-order processor cores, i.e., OpenRISC and MicroBlaze, implemented on FPGA show that the proposed unit could increase the security drastically with very modest resource overhead. With around 2% area, 1.5% power and no performance overhead, the shuffler increases the effort to mount a successful power analysis attack on AES software implementation over 360 times.

show abstract

Section: Side-channel Attacks and Related Workmentioning

confidence: 99%

An architecture-independent instruction shuffler to protect against side-channel attacks

Bayrak

Velickovic

Ienne

et al. 2012

ACM Trans. Archit. Code Optim.

View full text Add to dashboard Cite

show abstract

“…In order to prevent this re-alignment, Zafar et al introduced in [11] a clock variance method to accomplish misalignment with the same results as delay insertion, but without the risk of the delays being manually removed during DPA processing. This idea is further improved in [3] by randomizing each clock cycle instead of changing the clock frequency after a specified period of time. By using this approach, trace alignment is virtually impossible to accomplish using traditional methods.…”

Section: Existing Approachesmentioning

confidence: 99%

“…The first countermeasure focuses on preventing traces from being aligned by randomizing the clock frequency of the circuit, therefore hindering DPA attempts by an attacker. The idea was introduced by Zafar et al [3] and the concept was simulated using simulation software such as MentorGraphics ModelSim. This research differs in that it provides a realized implementation outside of previous theoretical simulated designs.…”

Section: Introductionmentioning

confidence: 99%

Design and Implementation of Hiding Techniques to Obfuscate Against Side-Channel Attacks on AES

al.¹

2014

IJCNT

View full text Add to dashboard Cite

While AES is computationally secure, it is not without weakness. Side-channel attacks on AES hardware implementations can reveal its secret key. Because of this vulnerability, countermeasures to side-channel attacks are crucial to data security. This paper assesses a current design and proposes a new design for securing AES, along with evaluating their implementation onto field programmable gate arrays. Both countermeasures were successfully implemented, and the data remained secure against common side channel attacks. Results indicate successful obfuscation of the secret key over the original AES algorithm.

show abstract

“…Another common protection method is power trace misalignment, such as using a randomized clock [2], [8], [27], inserting random delays [4] and using multiple clock domains [9]. Randomized clock countermeasures use a single system clock which switches at random discrete time instants.…”

mentioning

confidence: 99%

An EDA-Friendly Protection Scheme against Side-Channel Attacks

Bayrak

Velickovic

Regazzoni

et al. 2013

Design, Automation &Amp; Test in Europe Conference &Amp; Exhibition (DATE), 2013

View full text Add to dashboard Cite

Abstract-This paper introduces a generic and automated methodology to protect hardware designs from side-channel attacks in a manner that is fully compatible with commercial standard cell design flows. The paper describes a tool that artificially adds jitter to the clocks of the sequential elements of a cryptographic unit, which increases the non-determinism of signal timing, thereby making the physical device more difficult to attack. Timing constraints are then specified to commercial EDA tools, which restore the circuit functionality and efficiency while preserving the introduced randomness. The protection scheme is applied to an AES-128 hardware implementation that is synthesized using both ASIC and FPGA design flows.

show abstract

Random clocking induced DPA attack immunity in FPGAs

Cited by 11 publications

References 1 publication

An architecture-independent instruction shuffler to protect against side-channel attacks

An architecture-independent instruction shuffler to protect against side-channel attacks

Design and Implementation of Hiding Techniques to Obfuscate Against Side-Channel Attacks on AES

An EDA-Friendly Protection Scheme against Side-Channel Attacks

Contact Info

Product

Resources

About