Random Delay Insertion: Effective Countermeasure against DPA on FPGAs
1 Random Delay Insertion: Effective Countermeasure against DPA on FPGAs. Lu, Yingxi; Dr. Máire O'Neill; Prof. John McCanny. Overview, September 2004.
2 PRESENTATION OUTLINE: DPA and countermeasures; Random Delay Insertion (RDI) countermeasure; Design parameters; FPGA implementation; Case study on AES; Attacks against RDI.
3 WHAT IS DPA? Side Channel Attack: reveals the secret key stored in cryptographic implementations by monitoring physical characteristics, e.g. power, EM, timing. Differential Power Analysis: one of the most effective SCA attacks. Analyzes the instantaneous power consumption of a security device.
4 WHAT IS DPA? [Figure: measurement setup. Power supply and Vcc, a 1 ohm resistor R in the ground path, Probe 1 and Probe 2, trigger, clock generator (Clk), I/O bus to the device.] T: trace set. pt_i: plaintext of round i. irh_i: intermediate result under hypothesis of round i.
5 WHAT IS DPA? [Figure: attack flow. Test vectors (plaintext sequence) are sent through a Board Controller to the Device Under Attack (AES board); a Mixed Signal Oscilloscope records the trace set T (power per plaintext); software pre-processes the traces and evaluates the correlation function for each sub-key hypothesis.] Key-space under attack reduces from to (sub-key space).
6 DPA COUNTERMEASURES To be effective, a cryptographic implementation should include multiple countermeasure techniques. [Figure: countermeasure categories: Ephemeral keys, etc.; Masking, etc.; Precharged Dual-Rail Logic, etc.; Random Delay Insertion is here.]
7 DPA COUNTERMEASURES Each countermeasure has its weakness. Only applicable to specific applications. Ephemeral keys, etc.: 5 no. of samples are required to break it - not sufficient [Mangard et al.]. Masking, etc.: 10 power consumption. Precharged Dual-Rail Logic, etc. [Pramstaller et al.]
8 WHAT IS RDI? Delays can be inserted before the cryptographic execution to change the position of operations in the time-dimension.
9 WHAT IS RDI? Delays can be inserted before the cryptographic execution to change the position of operations in the time-dimension. RDI on microprocessor / smart-card can be easily attacked [Clavier et al.]. Because: the length of the delay corresponds to the length of the clock cycle - it can be easily identified. And therefore, the length of the delay is limited. Registers need to be included between the delay and the key-dependent operations. The above disadvantages DO NOT apply on FPGA & ASIC: the delay is not implemented by instructions. This work is the first RDI FPGA implementation.
10-12 DESIGN PARAMETERS
$P_{total} = P_{data\,dependent} + P + P_{data\,independent}$, written below as $P_d + P + P_{ind}$ (the label of the middle term did not survive transcription). $P_d$, $P$ and $P_{ind}$ are mutually independent; $H$ is independent of $P$ and $P_{ind}$.
$$C(H, P_{total}) = \frac{E\big(H (P_d + P + P_{ind})\big) - E(H)\,E(P_d + P + P_{ind})}{\sqrt{Var(H)\,Var(P_d + P + P_{ind})}} = \frac{E(H P_d) - E(H)\,E(P_d)}{\sqrt{Var(H)\,\big(Var(P_d) + Var(P) + Var(P_{ind})\big)}}$$
$$= C(H, P_d)\,\sqrt{\frac{Var(P_d)}{Var(P_d) + Var(P) + Var(P_{ind})}} = \frac{C(H, P_d)}{\sqrt{1 + 1/SNR}}, \qquad SNR = \frac{Var(P_d)}{Var(P) + Var(P_{ind})}$$
The delay: discrete variable, 0 < delay < max. δ: the deviation (step) of the delay. k: natural number, max = k·δ. Following the linear assumption on P, given P_d and given large max, C(H, P_total) is expressed in terms of max and k, with δ = max / k.
Lower C(H, P_total) to achieve higher security - requires large max and k, but small δ. Trade-off between security and performance / cost.
13 OPTIMUM PARAMETERS? Step 1. Measure the power traces from the original cryptographic implementation. Step 2. Modify the power traces with random delay up to max and down to δ. Step 3. Perform DPA on the shifted traces to check whether it is successful. [Figure: correlation of the correct key hypothesis over time.]
14 FPGA IMPLEMENTATION Split Random Delay Insertion (Split-RDI). Attackers can counteract RDI using realignment algorithms to identify the delay. We split and apply the delay to multiple stages to protect our delay from such realignment attacks. [Figure: delay stages inserted between the intermediate results.]
15 FPGA IMPLEMENTATION [Figure: Split Random Delay Insertion (Split-RDI) block diagram: delay logic driven by a True Random Number Generator [Bucci et al.] [Schellekens et al.].]
16 FPGA IMPLEMENTATION Now let's recall the parameters. To lower the correlation C(H, P_total), we should: Increase max. But this increases the delay and reduces the speed. (k = max / δ.) Decrease δ. Significantly lowers correlation. But limited by k. Increase k. But significantly increases power and area; a larger k implies more random bits.
17 CASE STUDY: AES Step 1. Measure the power traces from the original cryptographic implementation. Step 2. Modify the power traces with random delay up to max and down to δ. Step 3. Perform DPA on the shifted traces to check whether it is successful.
18 CASE STUDY: AES DPA results of shifted power traces measured from an original AES FPGA implementation. [Figure: C(H, P) of the correct key hypothesis and of the wrong key hypotheses against max, in units of 1/f_sample = t_s.] δ = t_s: RDI is effective when max > 12 t_s. k = 12 means a 4-bit TRNG is required.
19 CASE STUDY: AES DPA results of shifted power traces measured from an original AES FPGA implementation. [Figure: C(H, P) of the correct and wrong key hypotheses against max (1/f_sample = t_s) for δ = 6 t_s, 8 t_s and 10 t_s.] δ = 6 t_s: RDI is effective when max > 15 t_s. δ = 8 t_s: RDI is effective when max > 23 t_s. δ = 10 t_s: RDI is effective when max > 33 t_s. Effective max increases considerably with larger δ!
20 CASE STUDY: AES We finally implemented the RDI with the following parameters: δ = 2 t_s, max = 16 t_s, k = 8 (a 3-bit TRNG is required). RDI results in a low-cost DPA countermeasure (figures including the TRNG). [Figure: three bar charts, Increase in Area, Decrease in Speed and Increase in Power, each comparing RDI, Masking, MDPL and WDDL.]
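The three-step parameter evaluation and the correlation argument of the slides above, as an added simulation (not the authors' code): traces carry a Hamming-weight leakage of a 4-bit S-box output, are attacked with correlation DPA once without delay and once with the case-study parameters δ = 2, max = 16, k = 8, and the undelayed result is checked against C(H, P_total) = C(H, P_d) / sqrt(1 + 1/SNR). The PRESENT S-box standing in for the AES S-box, the leakage model, the noise level and the key are constructed assumptions.

```python
import math
import random

# Toy model of the slides' experiment: DPA on a small S-box with and without
# Random Delay Insertion (RDI). Constructed example; not the authors' code.
# The 4-bit PRESENT S-box stands in for the AES S-box so the hypothesis space
# is 16 sub-keys and the pure-Python run finishes in a few seconds.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
KEY = 0xA          # secret sub-key the attack must recover (constructed)
N_TRACES = 3000
LEAK_POS = 2       # sample index where the S-box output leaks when delay = 0
SIGMA = 1.0        # std of data-independent power + noise, per sample


def hw(x):
    return bin(x).count("1")


def pearson(xs, ys):
    """Sample correlation coefficient C(H, P) used by the DPA distinguisher."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / math.sqrt(vx * vy)


def rho_with_noise(rho_d, snr):
    """Slide 11: C(H, P_total) = C(H, P_d) / sqrt(1 + 1/SNR),
    with SNR = Var(P_d) / (Var(P) + Var(P_ind))."""
    return rho_d / math.sqrt(1.0 + 1.0 / snr)


def simulate_traces(rng, max_delay, delta):
    """Step 1/2: traces are data-independent Gaussian power plus the Hamming
    weight of SBOX[pt ^ KEY] at LEAK_POS + D, where the random delay D takes
    one of k = max/delta values {0, delta, ..., (k-1)*delta}.
    max_delay = 0 disables RDI (D is always 0)."""
    k = max_delay // delta if max_delay else 1
    length = LEAK_POS + max_delay + 1
    pts, traces = [], []
    for _ in range(N_TRACES):
        pt = rng.randrange(16)
        d = rng.randrange(k) * delta
        trace = [rng.gauss(0.0, SIGMA) for _ in range(length)]
        trace[LEAK_POS + d] += hw(SBOX[pt ^ KEY])
        pts.append(pt)
        traces.append(trace)
    return pts, traces


def dpa(pts, traces):
    """Step 3: correlate every sub-key hypothesis against every sample and
    return {hypothesis: max |C(H, P)| over the samples}."""
    columns = [[t[s] for t in traces] for s in range(len(traces[0]))]
    scores = {}
    for kh in range(16):
        h = [hw(SBOX[pt ^ kh]) for pt in pts]
        scores[kh] = max(abs(pearson(h, col)) for col in columns)
    return scores


def run_experiment(max_delay, delta, seed=2004):
    """Steps 1-3 for one (max, delta) choice. Returns the recovered key, the
    correct-key correlation and the best wrong-key correlation."""
    rng = random.Random(seed)
    pts, traces = simulate_traces(rng, max_delay, delta)
    scores = dpa(pts, traces)
    recovered = max(scores, key=scores.get)
    best_wrong = max(v for kh, v in scores.items() if kh != KEY)
    return {"key": recovered, "corr_correct": scores[KEY],
            "best_wrong": best_wrong}


if __name__ == "__main__":
    # Var(HW of a 4-bit value) = 1 and SIGMA^2 = 1, so SNR = 1 and the slide's
    # formula predicts C(H, P_total) = 1/sqrt(2) ~ 0.71 for the correct key.
    print("predicted without RDI:", round(rho_with_noise(1.0, 1.0), 3))
    print("no RDI:      ", run_experiment(max_delay=0, delta=1))
    # Case-study parameters: delta = 2 t_s, max = 16 t_s, k = 8 (3 TRNG bits).
    print("RDI, k = 8:  ", run_experiment(max_delay=16, delta=2))
```

With the delay in place the leaking operation lands on any given sample in only one trace out of k, so the correct-key correlation at the best sample collapses from about 0.71 to about 0.1 while the run time of the attack is unchanged.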
21 ATTACK AGAINST RDI We evaluated the above AES FPGA implementation with RDI applied under three DPA attack techniques: Original DPA attack. DPA attack with Sliding Window post-computation. DPA attack with realignment pre-computation. [Figure: average correlation coefficient against time delay (0.16L, 0.24L, 0.32L, 0.4L, 0.48L, 0.56L, 0.64L, L) for the SW DPA correct key hypothesis and wrong keys, original RDI [Bucci et al.] versus Split RDI, and for the DPA correct key and wrong keys. Short delay: WITHOUT RDI applied. Full-length delay: WITH RDI applied.]
22 ATTACK AGAINST RDI A recently developed DPA attack in the frequency domain is also performed on the proposed countermeasure. $X(\kappa) = \sum_{n=0}^{N-1} x(n)\,\omega_N^{n\kappa}$, and a delay of $l$ samples gives $x(n - l) \leftrightarrow X(\kappa)\,\omega_N^{l\kappa}$, i.e. only a phase factor. However, the effectiveness of such an attack depends on the DFT window size N.
23 CONCLUSIONS Random Delay Insertion technique is an effective countermeasure against DPA when implemented on FPGAs. The trade-off between performance and design cost has been discussed, and RDI results in a low-cost DPA countermeasure. A Split-RDI with carefully chosen delay can be used to prevent realignment, Sliding Window DPA and the attack in the frequency domain. Thank you!
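The DFT shift property behind the frequency-domain attack, as an added example (not the slides' code): a delay l inside the N-sample window only rotates the phase of X(κ), so the magnitude spectrum is unchanged, but once the delayed leakage is pushed out of the window the spectrum changes, which is why the window size N matters. The pulse shape and window sizes are constructed.

```python
import cmath

# Shift property x(n - l) <-> X(k) * omega_N^(l k) and its dependence on the
# DFT window size N. Constructed example, not the slides' code.


def dft(x):
    """X(k) = sum_{n=0}^{N-1} x(n) * omega_N^(n k), omega_N = exp(-2*pi*i/N)."""
    n_len = len(x)
    return [sum(x[n] * cmath.exp(-2j * cmath.pi * n * k / n_len)
                for n in range(n_len)) for k in range(n_len)]


def delayed(x, l):
    """Trace delayed by l samples inside a fixed window: the start is
    zero-filled and samples pushed past the end of the window are lost."""
    return [0.0] * l + x[:len(x) - l]


def magnitude_spectrum(x):
    return [abs(c) for c in dft(x)]


def same_spectrum(a, b, tol=1e-9):
    return all(abs(p - q) < tol for p, q in zip(a, b))


def window(n_len, pulse_pos, pulse=(1.0, 3.0, 2.0)):
    """Constructed N-sample power window with a short leakage pulse at pulse_pos."""
    x = [0.0] * n_len
    for i, v in enumerate(pulse):
        x[pulse_pos + i] = v
    return x


def spectrum_invariant(n_len, pulse_pos, delay):
    """True iff delaying the leakage pulse by `delay` samples leaves the
    magnitude spectrum of the N-sample window unchanged."""
    x = window(n_len, pulse_pos)
    return same_spectrum(magnitude_spectrum(x),
                         magnitude_spectrum(delayed(x, delay)))


if __name__ == "__main__":
    print(spectrum_invariant(32, 4, 10))   # pulse stays inside N = 32: True
    print(spectrum_invariant(16, 4, 10))   # pulse pushed out of N = 16: False
```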
Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com MCrypt Seminar Aug. 11th 2014 Outline 1 Introduction 2 Modeling side-channel leakage 3 Achieving provable
More informationConversion from Arithmetic to Boolean Masking with Logarithmic Complexity
Conversion from Arithmetic to Boolean Masking with Logarithmic Complexity Jean-Sébastien Coron 1, Johann Großschädl 1, Mehdi Tibouchi 2, and Praveen Kumar Vadnala 1 1 University of Luxembourg, jean-sebastien.coron,johann.groszschaedl,praveen.vadnala}@uni.lu
More informationLecture 13: Sequential Circuits, FSM
Lecture 13: Sequential Circuits, FSM Today s topics: Sequential circuits Finite state machines Reminder: midterm on Tue 2/28 will cover Chapters 1-3, App A, B if you understand all slides, assignments,
More informationRandomized Signed-Scalar Multiplication of ECC to Resist Power Attacks
Randomized Signed-Scalar Multiplication of ECC to Resist Power Attacks Jae Cheol Ha 1 and Sang Jae Moon 2 1 Division of Information Science, Korea Nazarene Univ., Cheonan, Choongnam, 330-718, Korea jcha@kornu.ac.kr
More informationExponent Blinding Does not Always Lift (Partial) SPA Resistance to Higher-Level Security
Exponent Blinding Does not Always Lift (Partial) SPA Resistance to Higher-Level Security Werner Schindler (Bundesamt für Sicherheit in der Informationstechnik (BSI)) and Kouichi Itoh (Fujitsu Laboratories
More informationCPU DESIGN The Single-Cycle Implementation
CSE 202 Computer Organization CPU DESIGN The Single-Cycle Implementation Shakil M. Khan (adapted from Prof. H. Roumani) Dept of CS & Eng, York University Sequential vs. Combinational Circuits Digital circuits
More informationCANBUS-THERMO-2CH Rev B v Channel CAN-Bus Thermocouple Interface K-Type. V1.0 July SK Pang Electronics Ltd
2 Channel CAN-Bus Thermocouple Interface K-Type V1.0 July 2016 Product name Model number Manufacturer 2 Channel CAN-Bus Thermocouple Interface K-Type CANBUS-THERMO-2CH SK Pang Electronics Ltd 1 Contents
More informationSequential Logic Circuits
Chapter 4 Sequential Logic Circuits 4 1 The defining characteristic of a combinational circuit is that its output depends only on the current inputs applied to the circuit. The output of a sequential circuit,
More information