Lu Zhang,Luis Vega,Michael Taylor

DOI: https://doi.org/10.48550/arXiv.1605.00681

2016-05-03

Abstract:Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations.

Cryptography and Security

Haocheng Ma,Qizhi Zhang,Ya Gao,Jiaji He,Yiqiang Zhao,Yier Jint

DOI: https://doi.org/10.1145/3489517.3530413

2022-01-01

Abstract:Side-channel analysis (SCA) attacks show an enormous threat to cryptographic integrated circuits (ICs). To address this threat, designers try to adopt various countermeasures during the IC development process. However, many existing solutions are costly in terms of area, power and/or performance, and may require full-custom circuit design for proper implementations. In this paper, we propose a tool, namely PATHFINDER, to automatically identify leaky paths and protect the design, and is compatible with the commercial design flow. The tool first finds out partial logic cells that leak the most information through dynamic correlation analysis. PATHFINDER then exploits static security checking to construct complete leaky paths based on these cells. After leaky paths are identified, PATHFINDER will leverage proper hardware countermeasures, including Boolean masking and random precharge, to eliminate information leakage from these paths. The effectiveness of PATHFINDER is validated both through simulation and physical measurements on FPGA implementations. Results demonstrate more than 1000x improvements on side-channel resistance, with less than 6.53 % penalty to the power, area and performance.

Xiangyu Li,Chaoqun Yang,Jiangsha Ma,Yongchang Liu,Shujuan Yin

DOI: https://doi.org/10.1109/tvlsi.2017.2752212

2017-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:Energy-efficient countermeasures to side-channel attacks are required for Internet of Things hardware. This paper proposes a special hiding technique for the substitution operation in block ciphers, which equalizes the power consumption of a circuit by appropriate feedforward compensation and is called power-aware hiding (PAH). A hybrid application configuration, in which PAH is applied to the S-boxes while the left linear operations are protected with a general masking method, is proposed as well. This solution not only has higher energy efficiency but can also be implemented automatically in a semicustom manner. The Advanced Encryption Standard VLSI adopting this solution was implemented and manufactured in 180-nm technology as a demonstration. The implementation issues regarding the countermeasures are discussed in this paper. Testing shows that the chip has a throughput up to 1.175 Gb/s with 18.1-mW power consumption and its number of measurements to disclosure is 13.4 million.

Robert Dumitru,Thorben Moos,Andrew Wabnitz,Yuval Yarom

2024-12-06

Abstract:In recent years a new class of side-channel attacks has emerged. Instead of targeting device emissions during dynamic computation, adversaries now frequently exploit the leakage or response behaviour of integrated circuits in a static state. Members of this class include Static Power Side-Channel Analysis (SCA), Laser Logic State Imaging (LLSI) and Impedance Analysis (IA). Despite relying on different physical phenomena, they all enable the extraction of sensitive information from circuits in a static state with high accuracy and low noise -- a trait that poses a significant threat to many established side-channel countermeasures. In this work, we point out the shortcomings of existing solutions and derive a simple yet effective countermeasure. We observe that in order to realise their full potential, static side-channel attacks require the targeted data to remain unchanged for a certain amount of time. For some cryptographic secrets this happens naturally, for others it requires stopping the target circuit's clock. Our proposal, called Borrowed Time, hinders an attacker's ability to leverage such idle conditions, even if full control over the global clock signal is obtained. For that, by design, key-dependent data may only be present in unprotected temporary storage when strictly needed. Borrowed Time then continuously monitors the target circuit and upon detecting an idle state, securely wipes sensitive contents. We demonstrate the need for our countermeasure and its effectiveness by mounting practical static power SCA attacks against cryptographic systems on FPGAs, with and without Borrowed Time. In one case we attack a masked implementation and show that it is only protected with our countermeasure in place. Furthermore we demonstrate that secure on-demand wiping of sensitive data works as intended, affirming the theory that the technique also effectively hinders LLSI and IA.

Cryptography and Security

Jitendra Bhandari,Mohammed Nabeel,Likhitha Mankali,Ozgur Sinanoglu,Ramesh Karri,Johann Knechtel

2024-07-21

Abstract:This paper presents a novel defense strategy against static power side-channel attacks (PSCAs), a critical threat to cryptographic security. Our method is based on (1) carefully tuning high-Vth versus low-Vth cell selection during synthesis, accounting for both security and timing impact, and (2), at runtime, randomly switching the operation between these cells. This approach serves to significantly obscure static power patterns, which are at the heart of static PSCAs. Our experimental results on a commercial 28nm node show a drastic increase in the effort required for a successful attack, namely up to 96 times more traces. When compared to prior countermeasures, ours incurs little cost, making it a lightweight defense.

Cryptography and Security

Jianlei Yang,Chenguang Wang,Yici Cai,Qiang Zhou

DOI: https://doi.org/10.1109/fpt.2014.7082770

2014-01-01

Abstract:Side Channel Attack (SCA) aims to extract the secret information from cryptography chips by analyzing the leakage of physical parameters. Power analysis based SCA is a popular approach to obtain secret keys by monitoring the power consumption of cryptography chips. However, most SCA evaluation methods are performed on FPGA platforms while many parasitic physical effects cannot be revealed before the cryptography chips are taped out. Roughly ignoring these effects will significantly increase the attack difficulties due to the corresponding measurement noise. Power supply noise has been observed to be critical for power analysis based SCA. This paper demonstrates a power supply noise aware evaluation framework for practical side channel attack from cryptography system design to physical design. On-chip power delivery network is implemented among physical design stage. Consequently the supply noise of power network can be explored according to the post-layout implementation. Additionally, the countermeasures of cryptography chips could be enhanced by on-chip decapacitors placement due to its influences on the characteristics of power delivery network.

Yanhui Luo,Aijiao Cui,Gang Qu,Huawei Li

DOI: https://doi.org/10.1109/iscas.2016.7538900

2016-01-01

Abstract:Scan design has been widely used to facilitate the testing of integrated circuits (ICs). However, it also provides attackers a side-channel to access the internal states of crypto chips and thus becomes a great threat to the security of the cipher keys. We propose a secure scan design scheme to protect crypto chips against such scan-based side-channel attacks. In this scheme, we introduce a shift register to control the working mode of certain scan cells. Only when the user configures the shift register correctly, can the scan design work normally under testing mode. We show that the proposed secure scan design can effectively resist the existing scan-based attacks. We also demonstrate that this approach has low area overhead while maintaining the testability of original design.

Lianbo Yao,Tao Zhang

DOI: https://doi.org/10.1109/ICCSIT.2010.5563592

2010-01-01

Abstract:Side channel analysis (SeA) is a powerful physical cryptanalysis. In common industrial practice, the SeA security evaluation is performed after the devices are manufactured. However, the post-manufactured analysis is time consuming, error prone and expensive. Motivated by the spirit of hardware/software co-design, a design-time SeA analysis is proposed to improve the efficiency. Firstly, a general SeA leakage model is presented, and then the flow of design-time security analysis is described. After that, a flexible simulation and analytical environment is built to assess the different SeA leakage. Finally, an illustrative experiment, which performs a design-time SeA analysis on the crypto-chip with AES-128 core, is given. © 2010 IEEE.

Jianwei Dai,Lei Wang

DOI: https://doi.org/10.1109/DFT.2009.32

2009-10-07

Abstract:Reliability-enhancing techniques are critical for nanoscale integrated systems under the pressure of various physical non-idealities such as process variations and manufacturing defects. However, it is unclear how these techniques will affect the side-channel information leaked through hardware implementations. The related side-channel effects may have direct implications to the security requirement in a wide range of applications. In this paper, we investigate this new problem for trusted hardware design. Employing information-theoretic measures, the relationship between reliability enhancements and the induced side-channel effects is quantitatively evaluated. Simulation results on EDC/ECC schemes in memory circuits are presented to demonstrate the application of the proposed method.

Computer Science

Samaneh Ghandali,Thorben Moos,Amir Moradi,Christof Paar

DOI: https://doi.org/10.48550/arXiv.1910.00737

2019-09-23

Abstract:Hardware Trojans have drawn the attention of academia, industry and government agencies. Effective detection mechanisms and countermeasures against such malicious designs can only be developed when there is a deep understanding of how hardware Trojans can be built in practice, in particular Trojans specifically designed to avoid detection. In this work, we present a mechanism to introduce an extremely stealthy hardware Trojan into cryptographic primitives equipped with provably-secure first-order side-channel countermeasures. Once the Trojan is triggered, the malicious design exhibits exploitable side-channel leakage, leading to successful key recovery attacks. Generally, such a Trojan requires neither addition nor removal of any logic which makes it extremely hard to detect. On ASICs, it can be inserted by subtle manipulations at the sub-transistor level and on FPGAs by changing the routing of particular signals, leading to \textbf{zero} logic overhead. The underlying concept is based on modifying a securely-masked hardware implementation in such a way that running the device at a particular clock frequency violates one of its essential properties, leading to exploitable leakage. We apply our technique to a Threshold Implementation of the PRESENT block cipher realized in two different CMOS technologies, and show that triggering the Trojan makes the ASIC prototypes vulnerable.

Cryptography and Security,Hardware Architecture

Weiwei Shan,Shuai Zhang,Jiaming Xu,Minyi Lu,Longxing Shi,Jun Yang

DOI: https://doi.org/10.1109/jssc.2019.2953855

IF: 5.4

2019-01-01

IEEE Journal of Solid-State Circuits

Abstract:Hardware countermeasure of side channel attack (SCA) becomes necessary to protect crypto circuits. Many countermeasures endured large area and power consumption. We propose a SCA-resistant methodology based on machine learning, which compensates the Hamming distance (HD) probability of the intermediate data directly. By making the HD probabilities unable to be distinguished from correct and incorrect sub-keys, it provides resistance to SCA. Optimum HD redistribution is obtained by a machine learning algorithm and then sent to the compensation circuit. Applied in an Advanced Encryption Standard (AES)-128 circuit, the whole compensated circuit is implemented on a 28-nm CMOS process. The experimental results show that it resists correlation-based SCA with 1.5 million traces, corresponding to 446 $\times $ improvements of measures to disclosure compared with a nonprotected AES circuit. In addition, it has no impact on the frequency and throughput rate, and its power overhead of 38% and area overhead of 36% are relatively low, making it suitable for resource-constrained encryption circuits.

Qi Chen,Dongyan Zhao,Liang Liu,Xuesong Yan,Yidong Yuan,Xige Zhang,Hongmei Wu,Zhe Wang

DOI: https://doi.org/10.1016/j.csi.2021.103569

IF: 3.721

2022-01-01

Computer Standards & Interfaces

Abstract:Side-channel attacks (SCAs) have become a significant threat nowadays to cryptographic devices, especially central processing units (CPUs). Based on the implementation of AES-128, the side-channel information leakage analysis is carried out in a 32-bit CPU microarchitecture in this work. Correlation power analysis (CPA) results show that it is obvious to reveal the secret key by using only 30 power traces based on the net-list simulation. Three flexibly configurable hardware-based countermeasures are proposed to prevent information leakage in the arithmetic and logic unit (ALU), register file (RF) and load/store unit (LSU), respectively, which are the most sensitive components according to our analysis. The proposed countermeasures have different protection effects on the CPU since the required trace number to reveal the secret key has increased from 30 to 100 similar to 120,000. Moreover, the anti-attack capability of the CPU is improved by 4000 times using the three countermeasures simultaneously. The proposed countermeasures can be freely combined while considering the CPU security and implementation overhead. In practice, the anti-attack capability of the CPU can be further improved when the proposed countermeasures are implemented in real-world measurements, because additional noise will be introduced during the measurements.

Jingbo Wang,Chungha Sung,Chao Wang

DOI: https://doi.org/10.48550/arXiv.1902.09099

2019-02-25

Abstract:The code generation modules inside modern compilers such as GCC and LLVM, which use a limited number of CPU registers to store a large number of program variables, may introduce side-channel leaks even in software equipped with state-of-the-art countermeasures. We propose a program analysis and transformation based method to eliminate this side channel. Our method has a type-based technique for detecting leaks, which leverages Datalog-based declarative analysis and domain-specific optimizations to achieve high efficiency and accuracy. It also has a mitigation technique for the compiler's backend, more specifically the register allocation modules, to ensure that potentially leaky intermediate computation results are always stored in different CPU registers or spilled to memory with isolation. We have implemented and evaluated our method in LLVM for the x86 instruction set architecture. Our experiments on cryptographic software show that the method is effective in removing the side channel while being efficient, i.e., our mitigated code is more compact and runs faster than code mitigated using state-of-the-art techniques.

Cryptography and Security,Programming Languages

Jianbo Yao,Tao Zhang

DOI: https://doi.org/10.1109/auteee60196.2023.10407457

2023-01-01

Abstract:SCA is an influential method used in physical cryptanalysis. Generally, the assessment of SCA security is carried out post-production in typical industrial procedures. This post-production analysis, however, is prone to errors, costly, and time intensive. Thus, to heighten efficiency, it has been proposed to carry out SCA analysis during design-time, drawing inspiration from the ethos of hardware/software co-design. This paper first introduces the limitations of traditional embedded system software/hardware design and the process of software/hardware co-design and a general SCA leakage model, followed by an overview of the process behind a design-time security analysis. Next, we establish a versatile simulation and analytical framework to evaluate various SCA leakages. In conclusion, we provide a demonstrated experiment that carries out a design data SCA analysis for the crypto-chip integrated having an AES-128 core.

Li-wei Wang,Hong-wei Luo,Ruo-he Yao

DOI: https://doi.org/10.3969/j.issn.1000-565X.2012.06.002

2012-01-01

Abstract:During the fabrication of integrated circuit (IC) chips in untrusted foundries, malicious circuits may be inserted as hardware Trojans, which results in a significant risk of trustworthiness and reliability degradation of the chips. As such Trojan circuits are difficult to detect using conventional strategies, a nondestructive side-channel analysis-based detection approach is proposed, which employs the algorithm of singular value decomposition to analyze and statistically process the transient power of IC chips. Validation results of the approach on FPGA chips show that, even in the presence of big noise and process variation, the proposed approach is effective in detecting the hardware Trojans that are 2 orders of magnitude smaller than the original circuit.

Stefano Carnà,Serena Ferracci,Francesco Quaglia,Alessandro Pellegrini

2024-02-18

Abstract:We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This infrastructure relies on hardware performance counters to collect information at runtime from all applications running on the machine. High-level detection metrics are derived from these measurements to maximize the likelihood of promptly detecting a malicious application. Our experimental assessment shows that we can catch a large family of side-channel attacks with a significantly reduced overhead. We also discuss countermeasures that can be enacted once a process is suspected of carrying out a side-channel attack to increase the overall tradeoff between the system's security level and the delivered performance under non-suspected process executions.

Cryptography and Security,Operating Systems

Shan Jin,Minghua Xu,Yiwei Cai

2023-10-25

Abstract:Side-channel attacks (SCAs), which infer secret information (for example secret keys) by exploiting information that leaks from the implementation (such as power consumption), have been shown to be a non-negligible threat to modern cryptographic implementations and devices in recent years. Hence, how to prevent side-channel attacks on cryptographic devices has become an important problem. One of the widely used countermeasures to against power SCAs is the injection of random noise sequences into the raw leakage traces. However, the indiscriminate injection of random noise can lead to significant increases in energy consumption in device, and ways must be found to reduce the amount of energy in noise generation while keeping the side-channel invisible. In this paper, we propose an optimal energy-efficient design for artificial noise generation to prevent side-channel attacks. This approach exploits the sparsity among the leakage traces. We model the side-channel as a communication channel, which allows us to use channel capacity to measure the mutual information between the secret and the leakage traces. For a given energy budget in the noise generation, we obtain the optimal design of the artificial noise injection by solving the side-channel's channel capacity minimization problem. The experimental results also validate the effectiveness of our proposed scheme.

Cryptography and Security,Signal Processing

Weize Yu,Orhun Aras Uzun,Selçuk Köse

DOI: https://doi.org/10.1145/2744769.2744866

2015-01-01

Abstract:Side-channel attacks have become a significant threat to the integrated circuit security. Circuit level techniques are proposed in this paper as a countermeasure against side-channel attacks. A distributed on-chip power delivery system consisting of multi-level switched capacitor (SC) voltage converters is proposed where the individual interleaved stages are turned on and turned off either based on the workload information or pseudo-randomly to scramble the power consumption profile. In the case that the changes in the workload demand do not trigger the power delivery system to turn on or off individual stages, the active stages are reshuffled with so called converter-reshuffling to insert random spikes in the power consumption profile. An entropy based metric is developed to evaluate the security-performance of the proposed converter-reshuffling technique as compared to three other existing on-chip power delivery schemes. The increase in the power trace entropy with CoRe scheme is also demonstrated with simulation results to further verify the theoretical analysis.

Jiaji He,Haocheng Ma,Xiaolong Guo,Yiqiang Zhao,Yier Jin

DOI: https://doi.org/10.1109/ASP-DAC47756.2020.9045426

2020-01-01

Abstract:Electromagnetic (EM) side-channel attacks aim at extracting secret information from cryptographic hardware implementations. Countermeasures have been proposed at device level, register-transfer level (RTL) and layout level, though efficient, there are still requirements for quantitative assessment of the hardware implementations' resistance against EM side-channel attacks. In this paper, we propose a design for EM side-channel security evaluation and optimization framework based on the t-test evaluation results derived from RTL hardware implementations. Different implementations of the same cryptographic algorithm are evaluated under different hypothesis leakage models considering the driven capabilities of logic components, and the evaluation results are validated with side-channel attacks on FPGA platform. Experimental results prove the feasibility of the proposed side-channel leakage evaluation method at pre-silicon stage. The remedies and suggested security design rules are also discussed.

J. Longo,E. De Mulder,D. Page,M. Tunstall

DOI: https://doi.org/10.1007/978-3-662-48324-4_31

2015-01-01

Abstract:Increased complexity in modern embedded systems has presented various important challenges with regard to side-channel attacks. In particular, it is common to deploy SoC-based target devices with high clock frequencies in security-critical scenarios; understanding how such features align with techniques more often deployed against simpler devices is vital from both destructive (i.e., attack) and constructive (i.e., evaluation and/or countermeasure) perspectives. In this paper, we investigate electromagnetic-based leakage from three different means of executing cryptographic workloads (including the general purpose ARM core, an on-chip co-processor, and the NEON core) on the AM335x SoC. Our conclusion is that addressing challenges of the type above is feasible, and that key recovery attacks can be conducted with modest resources.