1 / 13

Standard cell based criptographic ASIC resistant to side channel attacks

LABORATORY FOR ELECTRONIC DESIGN AUTOMATION Faculty of Electronic Engineering University of Nis. Standard cell based criptographic ASIC resistant to side channel attacks. Authors : MILENA STANOJLOVI Ć PREDRAG PETKOVIĆ. Overview. Introduction Strategies against SCA

quasim
Télécharger la présentation

Standard cell based criptographic ASIC resistant to side channel attacks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LABORATORY FOR ELECTRONIC DESIGN AUTOMATION Faculty of Electronic Engineering University of Nis Standard cell based criptographic ASIC resistant to side channel attacks Authors: MILENA STANOJLOVIĆ PREDRAG PETKOVIĆ

  2. Overview • Introduction • Strategies against SCA • Hardware protection of DPA • Resistance to SCA WDDL and NSDDL cells • Conclusion

  3. Introduction Data protection is very important in everyday life and for that reason cryptography received a significant position. Important information and secret keys can be obtained by analyzing consumption encrypted hardware. Some of the methods that allow easier breaking of codes known as SPA (Simple Power Analysis), DPA (Differential Power Analysis) and EMA (Electromagnetic Analysis).Common to all these methods is analysis of information that leaks from physically implemented hardware.

  4. Strategies against SCA Attacks which make use of such inherent physical leak-age are called side-channel attacks (SCA). SCA pose a major threat because the physical implementations of the cryptographic devices are difficult to control and often result in unplanned leakage of information. Typically, side-channel attacks do not require the device to be opened or access to internal parts of the system.

  5. Strategies against SCA The countermeasures proposed against DPA can be grouped into three categories: randomizing, masking, and blinding. We are use a blinding method. One class of this method is known as Dual-rail with Pre-charge Logic (DPL). All signals are duplicated and have true and false representations. Good representatives of DPL are WDDL (Wave Dynamic Differential Logic)and NSDDL (No Short-circuit current Dynamic Differential Logic).

  6. Hardware protection of DPAWDDL • Using De-Morgan's laws it can be shown that OR cell is complementary to AND cell. This concept of complementary cells is used in WDDL method. The first picture shows an encrypted AND cell. During pre-charge phase all signals are set to low level. During evaluating phase only exactly one of outputs goes to the high level. Therefore only one load capacitance will charge from VDD.

  7. Hardware protection of DPANSDDL The main difference between NSDDL and WDDL is in the control logic. In addition to pre-charge phase and evaluating phase, phase of capacitor discharge (dis-charge phase) is introduced to. During pre-charge phase signals PRE and DIS are set to low logic level. Evaluating phase occurs when the PRE signal reaches a high logic level. Dis-charge phase lasts as long as both PRE and DIS signals are at high logic level.

  8. Resistance to SCAWDDL and NSDDL cells Three types of cells are simulated. First two cells are designed using WDDL method. The first cell is designed based on standard cells. This cell gave worse results compared to second cell in which the dimensions of transistors are optimized. Therefore the first cell will be excluded from further consideration. The third cell is designed using NSDDL metod. In this case similar results are obtained as with the second cell. Also power consumption increased as it was expected.

  9. Resistance to SCAWDDL and NSDDL cells • Resistance to SCA is tested for following conditions: • mismatchedloads, • extremlyincreased temperature, • different duration of falling and rising edges of inputs signals • extreme changes of power supply voltage (Vdd)

  10. Resistance to SCAWDDL and NSDDL cells Influence of mismatched loads to relative change in energy for a) oWDDL i b) NSDDL AND cells Influence of extreme temperature and signal dinamics to relative change in energy for a) oWDDL i b) NSDDL AND cells

  11. Resistance to SCAWDDL and NSDDL cells All results indicate that the NSDDL cell is more resistant to SCA than optimized WDDL cell. Influence of extreme values of Vdd to relative change in energy for a) oWDDL i b) NSDDL AND cells

  12. Conclusion Cryptography hardware methods for DPA protection are based on designing structures with power consumption independent of input signals dynamic. Physical implementation of WDDL method is very hard to achieve because it requires perfectly matched loads. This problem is resolved in NSDDL method by introducing Dnor circuitry.

  13. Thank you for your attention

More Related