谢满德,沈海斌,竺红卫

DOI: https://doi.org/10.3969/j.issn.1004-3365.2004.06.003

2004-01-01

Abstract:The fundamental principle of differential power analysis (DPA) attacks against universal cryptosystems and a particular theory of DPA attacks against data encryption standard (DES) algorithm are described in detail. An improved algorithm is proposed for DPA. Based on the analysis of noise characteristics of the power signals, an approach to modeling the signal-to-noise ratio (SNR) is proposed and corresponding theory is demonstrated. Finally, experimental results of the algorithm are presented.

Zhimin Chen,Yujie Zhou

DOI: https://doi.org/10.1007/11894063_20

2006-01-01

Abstract:Recent research has shown that cryptographers with glitches are vulnerable in front of Side Channel Attacks (SCA). Since then, several methods, such as Wave Dynamic Differential Logic (WDDL) and Masked Dual-Rail Pre-charge Logic (MDPL), have been presented to make circuits clean. In this paper, we propose a more accurate power model based on logic gates’ output transitions and divide it into pieces according to input signals’ transformations. Based on our model, we demonstrate that 1-bit masked logic gates with asynchronous inputs always leak side-channel information from their output transitions. Therefore, even those gates designed without glitches are still susceptible to be attacked. To solve this problem, Dual-Rail Random Switching Logic (DRSL) is presented. By introducing a local pre-charge signal, DRSL gates have their inputs synchronized. Experimental results indicate that DRSL eliminates most of the leakage.

Wenyi Tang,Song Jia,Yuan Wang

DOI: https://doi.org/10.1049/cje.2017.03.003

IF: 1.019

2017-01-01

Chinese Journal of Electronics

Abstract:Differential power analysis (DPA) has become a major concern for system security. To achieve a high level of security at a low overhead of power and die area, a novel dual-voltage single-rail dynamic logic (DSDL) is proposed in this paper. DSDL reduces the power dissipation, and obtains a balanced power consumption by locking the charge in the internal nodes during evaluation, utilizing the charge sharing mechanism for voltage transfer as well as using two supply voltages and a positive feedback to speed up the evaluation process. A 4-bit SBOX of AES algorithm was implemented to verify the security of the proposed logic. The simulation results proved the efficiency of DSDL, which only incurs a significantly smaller overhead in power consumption when compared with previous countermeasures.

Nian-Hao Zhu,Yu-Jie Zhou,Hong-Ming Liu

DOI: https://doi.org/10.1109/les.2013.2279918

IF: 1.524

2013-01-01

IEEE Embedded Systems Letters

Abstract:Leakage power analysis (LPA) attacks aim at finding the secret key of a cryptographic device from measurements of its static (leakage) power. This novel power analysis attacks take advantage of the dependence of the leakage power of CMOS integrated circuits on the data they process. This letter proposes symmetric dual-rail logic (SDRL), a standard cell LPA attack countermeasure that theoretically resists the LPA attacks. The technique combines standard building blocks to make new compound standard cells, which have a close to constant leakage power consumption. Experiment results show SDRL is a promising approach to implement a LPA-resistant crypto processor.

Jianping Quan,Guoqiang Bai

DOI: https://doi.org/10.1109/ITNG.2009.185

2009-01-01

Abstract:Recently DPA resistant logic styles are of great concern. As far as we know, each kind of logic style has its own drawbacks. Masking logic styles can easily be attacked by the template attack. For dual-rail logic styles, TDPL can only keep the total power consumption of the whole cycle constant; as for WDDL, it becomes more and more difficult to efficiently match the interconnect capacitances of differential wires with shrinking feature sizes. To avoid these drawbacks, we present a new direction for routing effort to solve the unbalanced interconnection problem. By using three-phase logic and removing the load dependent power consumption in the evaluation phase and discharge phase, our logic style is insensitive to the unbalanced interconnect capacitances of differential wires. Additionally, the early propagation effect is another threat to certain DPA resistant logic styles. We also propose a theoretical method to solve it at the system level.

Nian-hao Zhu,Yu-jie Zhou,Hong-ming Liu

DOI: https://doi.org/10.1007/s12204-014-1486-6

2014-01-01

Abstract:Leakage power analysis (LPA) attacks aim at finding the secret key of a cryptographic device from measurements of its static (leakage) power. This novel power analysis attacks take advantage of the dependence of the leakage power of complementary metal oxide semiconductor (CMOS) integrated circuits on the data they process. This paper proposes symmetric dual-rail logic (SDRL), a standard cell LPA attack countermeasure that theoretically resists the LPA attacks. The technique combines standard building blocks to make new compound standard cells, which are close to constant leakage power consumption. Experiment results show SDRL is a promising approach to implement an LPA-resistant crypto processor.

Wenyi Tang,Song Jia,Yuan Wang

DOI: https://doi.org/10.1587/transele.e99.c.956

2016-01-01

IEICE Transactions on Electronics

Abstract:Side channel attacks (SCAs) on security devices have become a major concern for system security. Existing SCA countermeasures are costly in terms of area and power consumption. This paper presents a novel differential power analysis (DPA) countermeasure referred to as short-time three-phase single-rail precharge logic (STSPL). The proposed logic is based on a single-rail three-phase operation scheme providing effective DPA-resistance with low cost. In the scheme, a controller is inserted to discharge logic gates by reusing evaluation paths to achieve more balanced power consumption. This reduces the latency between different phases, increasing the difficult of the adversary to conduct DPA, compared with the state-of-the-art DPA-resistance logics. To verify the chip's power consumption in practice, a 4-bit ripple carry adder and a 4-bit inverter of AES-SBOX were implemented. The testing and simulation results of DPA attacks prove the security and efficiency of the proposed logic.

Erica Tena-Sánchez,Javier Castro,Antonio J. Acosta,Erica Tena-Sanchez

DOI: https://doi.org/10.1109/jetcas.2014.2315878

IF: 5.877

2014-06-01

IEEE Journal on Emerging and Selected Topics in Circuits and Systems

Abstract:Cryptocircuits can be attacked by third parties using differential power analysis (DPA), which uses power consumption dependence on data being processed to reveal critical information. To protect security devices against this issue, differential logic styles with (almost) constant power dissipation are widely used. However, to use such circuits effectively for secure applications it is necessary to eliminate any energy-secure flaw in security in the shape of memory effects that could leak information. This paper proposes a design methodology to improve pull-down logic configuration for secure differential gates by redistributing the charge stored in internal nodes and thus, removing memory effects that represent a significant threat to security. To evaluate the methodology, it was applied to the design of AND/NAND and XOR/XNOR gates in a 90 nm technology, adopting the sense amplifier based logic (SABL) style for the pull-up network. The proposed solutions leak less information than typical SABL gates, increasing security by at least two orders of magnitude and with negligible performance degradation. A simulation-based DPA attack on the Sbox9 cryptographic module used in the Kasumi algorithm, implemented with complementary metal–oxide–semiconductor, SABL and proposed gates, was performed. The results obtained illustrate that the number of measurements needed to disclose the key increased by much more than one order of magnitude when using our proposal. This paper also discusses how the effectivenness of DPA attacks is influenced by operating temperature and details how to insure energy-secure operations in the new proposals.

engineering, electrical & electronic

Liu Junrong,Guo Zheng,Gu Dawu,Yu,Lu Haining,Gu Haihua,Bao Sigang

DOI: https://doi.org/10.1109/cc.2015.7122468

2015-01-01

China Communications

Abstract:In this paper,we propose a hybrid power model that includes the power consumption of not only the registers but also part of the combinational logic.By doing knownkey analysis with this hybrid model,power side-channel leakage caused by correct keys can be detected.In experiment,PRINTcipher and DES algorithms were chosen as analysis targets and combinational logic s-box unit was selected to build power template.The analysis results showed the signal-to-noise ratio（SNR） power consumption increase of more than 20%after considering s-box’s power consumption so that the information of keys can be obtained with just half number of power traces.In addition,the side channel-leakage detection capability of our method also shows better effectiveness that can identify the correct keys.

Xiaoxin Cui,Rui Li,Wei Wei,Juan Gu,Xiaole Cui

DOI: https://doi.org/10.1109/ASICON.2013.6812024

2013-01-01

Abstract:Differential Power Analysis (DPA) reveals the secret key from the cryptographic device by side channel power leakage. Masking and Random Delay Insertion (RDI) are two countermeasures against DPA attack. But masking or RDI alone does not prevent DPA attack, they only enhance the difficulty of the attack. This paper proposes a novel countermeasure which associating masking with RDI. Furthermore, multi-masking instead of transformed masking is proposed in order to defend DPA attack based on hamming distance model. The combined countermeasure is implemented and verified on Data Encryption Standard (DES) algorithm. The results show that the combined countermeasure defends DPA attack with 105 power traces, and increases 40% ability against DPA with only 28% performance penalty.

Himanshu Thapliyal,Mark Zwolinski

DOI: https://doi.org/10.48550/arXiv.cs/0610089

2006-10-14

Abstract:Differential Power Analysis (DPA) presents a major challenge to mathematically-secure cryptographic protocols. Attackers can break the encryption by measuring the energy consumed in the working digital circuit. To prevent this type of attack, this paper proposes the use of reversible logic for designing the ALU of a cryptosystem. Ideally, reversible circuits dissipate zero energy. Thus, it would be of great significance to apply reversible logic to designing secure cryptosystems. As far as is known, this is the first attempt to apply reversible logic to developing secure cryptosystems. In a prototype of a reversible ALU for a crypto-processor, reversible designs of adders and Montgomery multipliers are presented. The reversible designs of a carry propagate adder, four-to-two and five-to-two carry save adders are presented using a reversible TSG gate. One of the important properties of the TSG gate is that it can work singly as a reversible full adder. In order to design the reversible Montgomery multiplier, novel reversible sequential circuits are also proposed which are integrated with the proposed adders to design a reversible modulo multiplier. It is intended that this paper will provide a starting point for developing cryptosystems secure against DPA attacks.

Cryptography and Security

Wei Sun,Jun-Rong Liu,Da-Wu Gu,Zheng Guo,Jun Xie,Bo Ma

2015-01-01

Abstract:Nowadays, cryptographic circuits have been widely used in many fields such as finance, transportation and government business. Such devices have software and hardware implementations, as they both have certain weakness and constraints. In this paper, we research on both software and hardware cryptographic circuits based on the side channel technology. By using different power leakage models, we can point out the weakness operations of a cryptographic circuit that leaks secret information. Furthermore, we research on the differences between software and hardware implementations of SM3-HMAC, and propose power analysis methods respectively.

Shuo Wang,Fan Zhang,Jianwei Dai,Lei Wang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/iccd.2008.4751919

2008-01-01

Abstract:Power analysis attacks are a type of side-channel attacks that exploits the power consumption of computing devices to retrieve secret information. They are very effective in breaking many cryptographic algorithms, especially those running in low-end processors in embedded systems, sensor nodes, and smart cards. Although many countermeasures to power analysis attacks have been proposed, most of them are software based and designed for a specific algorithm. Many of them are also found vulnerable to more advanced attacks. Looking for a low-cost, algorithm-independent solution that can be implemented in many processors and makes all cryptographic algorithms secure against power analysis attacks, we start with register file, where the operands and results of most instructions are stored. In this paper, we propose RFRF, a register file that stores data with a redundant flipped copy. With the redundant copy and a new precharge phase in write operations, RFRF provides data-independent power consumption on read and write for cryptographic algorithms. Although RFRF has large energy overhead, it is only enabled in the security mode. We validate our method with simulations. The results show that the power consumption of RFRF is independent of the values read out from or written to registers. Thus RFRF can help mitigate power analysis attacks.

Guo Zheng,Gu Dawu,Lu Haining,Liu Junrong,Xu Sen,Bao Sigang,Gu Haihua

DOI: https://doi.org/10.1109/cc.2015.7084387

2015-01-01

China Communications

Abstract:Power analysis is a non-invasive attack against cryptographic hardware, which effectively exploits runtime power consumption characteristics of circuits. This paper proposes a new power model which combines Hamming Distance model and the model based on the template value of power consumption in combinational logic circuit. The new model can describe the power consumption characteristics of sequential logic circuits and those of combinational logic as well. The new model can be used to improve the existing power analysis methods and detect the information leakage of power consumption. Experimental results show that, compared to CPA(Correlation Power Analysis) method, our proposed attack which adopt the combinational model is more efficient in terms of the number of required power traces.

yijie ge,zheng guo,zhigang mao,junrong liu,jiachao chen

DOI: https://doi.org/10.2991/csic-15.2015.14

2015-01-01

Abstract:Security of cryptographic embedded devices has become a prevalent concern, especially since the introduction of Differential Power Analysis (DPA) by Paul Kocher et al. In the past years, many efforts have been made to improve the resistance against Side Channel Attack (SCA) of cryptographic devices. Among the countermeasures, masking is a typical and efficient strategy. However, a number of effective attacks on masked cryptographic devices have been developed in recent years, and this paper continues this line of research. On theory, a DES with a masking scheme is secure under first order SCA, but we dig out a new leakage problem which makes it possible to attack a masked DES without using higher-order power analysis. Concretely, we perform a first-order correlation power analysis based on the leakage relationship between two different arithmetic components of DES. And the reason for this leakage is analyzed and verified by us through simulation and real card attacks.

Jizhong Shen,Liang Geng,Fan Zhang

DOI: https://doi.org/10.1049/el.2017.2415

2017-01-01

Electronics Letters

Abstract:Side-channel analysis (SCA) is a powerful technique to reveal the secrets using detectable physical leakages from logic elements, which brings severe security threats to modern circuits. To alleviate this problem, applying cell-level countermeasure is usually a suitable solution, which is mainly implemented as dual-rail precharge logic. Mace et al. has the proposed dynamic current mode logic (DyCML) scheme as a novel technology to resist SCA, whose power consumption is constant regardless of the data processed. However, the DyCML-based sequential elements are still in blank field. So, we have implemented a novel flip-flop compatible with DyCML, whose enhanced security has been proved by corresponding simulations.

Wu Di,Cui Xiaoxin,Wei Wei,Li Rui,Yu Dunshan,Cui Xiaole

DOI: https://doi.org/10.1109/icsict.2012.6467785

2012-01-01

Abstract:Differential Power Analysis (DPA) is a powerful side channel attack method. Dual Rail Pre-charge Logic (DRP) is an effective circuit level DPA resistant countermeasure, however consumes more energy. Several adiabatic logic can resist differential power analysis attack while energy efficient. In this paper the comparison of DPA resistant ability for DRP logic and adiabatic logic will be presented and to make the comparison, a new criterion was introduced which could be used both for the DRP logic and adiabatic logic. Furthermore, the design issues for adiabatic logic will be discussed. Based on several standard cells and a full adder, the analysis results show that the ECRL logic has a good performance in DPA resistant ability (64%) as well as energy saving (83%).

Kris Tiri,Ingrid Verbauwhede

DOI: https://doi.org/10.48550/arXiv.0710.4756

2007-10-25

Abstract:Side channel attacks are a major security concern for smart cards and other embedded devices. They analyze the variations on the power consumption to find the secret key of the encryption algorithm implemented within the security IC. To address this issue, logic gates that have a constant power dissipation independent of the input signals, are used in security ICs. This paper presents a design methodology to create fully connected differential pull down networks. Fully connected differential pull down networks are transistor networks that for any complementary input combination connect all the internal nodes of the network to one of the external nodes of the network. They are memoryless and for that reason have a constant load capacitance and power consumption. This type of networks is used in specialized logic gates to guarantee a constant contribution of the internal nodes into the total power consumption of the logic gate.

Cryptography and Security

LI Hai-bin,ZHOU Yu-jie

DOI: https://doi.org/10.3969/j.issn.1002-0802.2007.11.105

2007-01-01

Abstract:Since the introduction of Power Analysis on smart cards by Paul Kocher,many countermeasures have been suggested to protect implementations of cryptographic algorithms.In this paper,a new protection principle ——the transformed masking method is proposed.And this method is applied to protect the most popular block cipher: DES.

Rui Li,Xiaoxin Cui,Wei Wei,Di Wu,Kai Liao,Nan Liao,KaiSheng Ma,Dunshan Yu,Xiaole Cui

DOI: https://doi.org/10.1109/EDSSC.2013.6628153

2013-01-01

Abstract:Differential Power Analysis (DPA) reveals the secret key from the cryptographic device by side channel power leakage. Masking and Random Delay Insertion (RDI) are two effective countermeasures against DPA attack. This paper propose a novel countermeasure which associating masking with RDI, further, Multi-Masking instead of Transformed Masking is proposed in order to defend DPA attack based on hamming distance model. The combined countermeasure is implemented on Data Encryption Standard (DES). The results show that combined countermeasure defends DPA attack with 105 power traces, and increases 40% ability against DPA.