Side Channel Analysis Resistant Design Flow

Aigner, Manfred; Mangard, Stefan; Menichelli, Francesco; Menicocci, Renato; Olivieri, Mauro; Popp, Thomas; Scotti, Giuseppe; Trifiletti, Alessandro

doi:10.1109/iscas.2006.1693233

Cited by 18 publications

(14 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some simulators might be used during chip manufacturing process, e.g., Aigner et al [1] presented a design flow that includes SCA analysis.…”

Section: Related Workmentioning

confidence: 99%

Silk

Veshchikov

2014

Proceedings of the 4th Program Protection and Reverse Engineering Workshop

View full text Add to dashboard Cite

This paper proposes a new way of simulating leakage traces using high level of abstraction models and presents a proof of concept implementation simulator called SILK -a tool for leakage simulation for side channel analysis of microcontrollers and microprocessors. SILK is a high level of abstraction simulator that builds a leakage trace based on a source code of an algorithm and several user-defined parameters. One of the main purposes of SILK is data generation for quick analysis of new attacks, countermeasures or preprocessing methods. SILK might also be used to compare different types of attacks, analysis techniques or software countermeasures. This paper presents general structure and parameters of SILK and a typical example of use case. Our experiments were done with two algorithms that run on a microcontroller in order to compare our simulations with real power traces. We compared simulated traces with real power traces using Dynamic Time Warping technique with two different distance metrics. We also compared our simulations with real power traces using Correlation Power Analysis (CPA). We were also able to show that using a high level of abstraction simulation we are able to produce datasets that might be used for side channel analysis. General TermsSecurity

show abstract

“…Some simulators might be used during chip manufacturing process, e.g., Aigner et al [1] presented a design flow that includes SCA analysis.…”

Section: Related Workmentioning

confidence: 99%

Silk

Veshchikov

2014

Proceedings of the 4th Program Protection and Reverse Engineering Workshop

View full text Add to dashboard Cite

show abstract

“…In order to demonstrate the feasibility of leakage current measurements we have built a measurement setup for the SCARD chip. 1 1 813,6 1 0 1 1 1 1 1 1 806,9 1 1 0 1 1 0 1 1 783,7 1 1 0 1 1 0 1 0 783 The SCARD chip has been designed within the framework of the project "Side-Channel Analysis Resistant Design Flow -SCARD" [12] with a chip-card like architecture. The ASIC contains different implementations of an 8051 controller core that is available in the open domain.…”

Section: Measurements On the Scard Chipmentioning

confidence: 99%

“…For cryptographic operation, a hardware AES module is attached to the core. The µP-core is implemented in six different versions on the chip, five versions with Side Channel Analysis countermeasures and one plain version in standard CMOS for reference measurements [12].…”

Section: Measurements On the Scard Chipmentioning

confidence: 99%

Analysis of data dependence of leakage current in CMOS cryptographic hardware

Giorgetti¹,

Scotti²,

Simonetti³

et al. 2007

Proceedings of the 17th ACM Great Lakes Symposium on VLSI

View full text Add to dashboard Cite

A novel power analysis technique for CMOS cryptographic hardware based on leakage power consumption measurements is presented. Algorithms and models to predict the input vector for maximum and minimum leakage current in CMOS gates are reviewed. Extensive transistor level simulations on a simple CMOS crypto core are presented. Leakage current measurements carried out on an ASIC for cryptographic applications implemented in a 0.13 um CMOS technology are reported. The results of this work show that leakage current can be exploited as a side channel by an attacker to extract information about the secret key in cryptographic hardware implemented in short channel CMOS technologies.

show abstract

“…Some design flows have been developed to automatically create more secure designs [30], [33], [34], [35]. Yet, design time security assessment remains a crucial design phase [36].…”

Section: Countermeasures and Challengesmentioning

confidence: 99%

Side-channel attack pitfalls

Tiri

2007

Proceedings of the 44th Annual Conference on Design Automation - DAC '07

View full text Add to dashboard Cite

While cryptographic algorithms are usually strong against mathematical attacks, their practical implementation, both in software and in hardware, opens the door to side-channel attacks. Without expensive equipment or intrusive monitoring, these attacks bypass the mathematical complexity and find the cryptographic key by observing the power consumption or the execution time variations of the device in normal operation mode. The power traces of 8000 encryptions are for instance sufficient to extract the secret key of an unprotected ASIC AES implementation, which is orders of magnitude smaller than the 2 128 tests required to brute force the algorithm. A careful implementation can address these vulnerabilities, yet the solutions conflict with the common design goals to optimize for area, performance and power consumption. This paper introduces the side-channel attack pitfalls, which help create or facilitate the observation of the information leakage, discusses mitigation strategies and identifies opportunities for future research.

show abstract

Side Channel Analysis Resistant Design Flow

Cited by 18 publications

References 7 publications

Silk

Silk

Analysis of data dependence of leakage current in CMOS cryptographic hardware

Side-channel attack pitfalls

Contact Info

Product

Resources

About