An EDA-Friendly Protection Scheme against Side-Channel Attacks
Ali Galip Bayrak1, Nikola Velickovic1, Francesco Regazzoni2, David Novo1, Philip Brisk3 and Paolo Ienne1
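
Side-Channel Attacks
[Figure: a physical device containing a cryptographic processing unit and a secret key; plaintext goes in, ciphertext comes out, and a physical observable (e.g., power consumption) can be measured from the device.]
f(plaintext, key) ~ power
f: KNOWN, plaintext: KNOWN, key: RECOVER, power: KNOWN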

Protection Schemes
Main Idea: f(plaintext, key) power
How? Constant or random power consumption
Examples:
Constant, software: -
Constant, hardware: SABL (Tiri et al. 2002), MCML (Toprak et al. 2005)
Random, software: Dummy operation insertion, Masking (Coron et al. 2000)
Random, hardware: MDPL (Popp et al. 2005), iMDPL (Popp et al. 2007), GALS (Gurkaynak et al. 2005), RCDD (Boey et al. 2010), SIRO (Zafar et al. 2010)

Motivation
Area: 2X (SABL) – 20X (iMDPL)
Energy: 3.5X (WDDL) – 18X (MDPL)
Non-CMOS (SABL, MCML)
Algorithm specific (GALS)
Technology dependent (WDDL, MDPL)
Fixed overhead (almost all)
Low cost
Fully automated
Tradeoff Security vs. Efficiency
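
Protected Circuit
[Figure: a combinatorial circuit between D flip-flops, with Input, Output and CLK. A Clock Randomization block takes CLK and produces RCLK0, RCLK1, RCLK2 and RCLK3 for the flip-flops. Timing diagram: RCLK0, RCLK1, RCLK2, RCLK3 and Qall.]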
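
Clock Randomization
[Figure: delayed clocks CLK0, CLK1, CLK2, …, CLKN-1, each shifted by a further δ (δ, 2δ, …, (N-1)δ = Δ). A MUX controlled by RND selects among the delayed clocks to produce each random clock RCLKi. The diagram marks a safe clock switching zone.]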
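
Protected Circuit
[Figure: the same protected circuit in the general case. A combinatorial circuit between D flip-flops, with Input, Output and CLK; the Clock Randomization block produces RCLK0, RCLK1, …, RCLKM-1. Timing diagram: RCLK0, RCLK1, RCLK2, RCLK3, … and Qall.]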
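A toy simulation of the clock randomization scheme above, added here as an example and not taken from the slides or the authors' tooling. It assumes each of the M random clocks drives one register group that leaks the Hamming weight of a random byte on whichever of the N delayed edges RND selects, plus Gaussian noise; the function names and default values are hypothetical.

```python
import math
import random

def hamming_weight(x):
    return bin(x).count("1")

def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy) if vx and vy else 0.0

def peak_correlation(n_delays, m_clocks=8, n_traces=5000, noise=1.0, seed=1):
    """Max |rho| between one register group's Hamming weight and any time slot.

    Assumed model (not from the slides): one power sample per delayed clock
    edge, independent random bytes in every group, additive Gaussian noise.
    """
    rng = random.Random(seed)
    model = []                                  # predicted leakage per trace
    slots = [[] for _ in range(n_delays)]       # samples grouped by delayed edge
    for _ in range(n_traces):
        trace = [rng.gauss(0.0, noise) for _ in range(n_delays)]
        for group in range(m_clocks):           # each RCLKi clocks one group
            k = rng.randrange(n_delays)         # RND picks one of N delayed clocks
            hw = hamming_weight(rng.randrange(256))
            trace[k] += hw                      # the group switches on edge k
            if group == 0:
                model.append(hw)                # group 0 is the evaluated register
        for t, sample in enumerate(trace):
            slots[t].append(sample)
    return max(abs(pearson(model, s)) for s in slots)

if __name__ == "__main__":
    # N = 1 is the unprotected case: every register switches on the same edge.
    for n in (1, 4, 16):
        print(f"N={n:2d}  peak |rho| = {peak_correlation(n):.3f}")
```

The peak correlation an evaluator can measure at any fixed sample point falls as N grows, because the evaluated register's switching is spread over N possible edges and overlaps with other groups at random.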

Automated Design Flow
High-Level Description (VHDL/Verilog)
-> Code Modification (clock renaming, random clock generation code)
-> Modified High-Level Description
-> Logic Synthesis (timing constraints)
-> Synthesized Circuit
-> Place & Route
-> Protected IC Layout

Random clock generation code: RCLK(i) := MUX(CLK,RND,..)
Clock renaming: if (rising_edge(CLK)) becomes if (rising_edge(RCLK(2)))
Timing constraints:
create_clock … RCLK[0]
set_clock_uncertainty … DELTA RCLK[0]

Experimental Setup
FPGA experiments:
Platform: SASEBO (Side-channel Attack Standard Evaluation Board) G-II.
Two Xilinx FPGAs: Virtex-5 and Spartan-3A.
Toolchain: Xilinx ISE 14.
ASIC experiments:
Technology: 65nm STM CMOS standard cell library.
Toolchain: Synopsys Design Compiler for synthesis, Cadence Encounter for placement and routing, Mentor Graphics Modelsim for simulations and Synopsys Nanosim for power estimation.

Experimental Setup
AES-128 implementation
Design parameters:
N: number of delayed clocks.
M: number of random clocks.
Δ: total amount of delay.
Performance parameters (normalized for unprotected): Security, Area, Speed and Energy

# Clocks vs. Security
• M (number of random clocks) = 8 ✔ [AES-specific]
• Bigger N (number of delayed clocks) ✔
• >300X security improvement

Total Delay vs. Security
• Bigger Δ for a fixed N ✔
• Bigger N for a fixed Δ ✔?
• 70X secure for N=Δ=16
• 300X secure for N=16, Δ=64

Total Delay vs. Area
• 8% overhead for 70X security point (Δ=16)
• 15% overhead for 300X security point (Δ=64)

Total Delay vs. Speed
• 2.3X slowdown for 70X security point (Δ=16)
• 7X slowdown for 300X security point (Δ=64)

Comparison
• For embedded systems subject to power analysis attacks, area and energy are much more important than speed!

Conclusions
• Fully automated design-flow.
• Platform and technology agnostic.
• Can be applied to any given implementation.
• Does not need security expertise.
• Less overhead than competing countermeasures.
• Area and energy efficient.
• Security increase is drastic.
• More than 300X with modest overhead.