Side-Channel Security By Design : Hardware Level Countermeasures
Side-Channel Security By Design : Hardware Level Countermeasures
- 주제(키워드) side-channel security , hardware countermeasure , secure logic design
- 발행기관 고려대학교 정보보호대학원
- 지도교수 홍석희
- 지도교수 BartPreneel
- 지도교수 IngridVerbauwhede
- 발행년도 2018
- 학위수여년월 2018. 2
- 학위구분 박사
- 학과 정보보호대학원 정보보호학과
- 원문페이지 188 p
- 실제URI http://www.dcollection.net/handler/korea/000000079969
- 본문언어 영어
- 제출원본 000045932480
초록/요약
This thesis studies side-channel security by design at the hardware level. Side-channel attacks are powerful attacks that extract keys from cryptographic devices by measuring physical parameters during the computation. Many countermeasures against side-channel attacks are added after the initial design of the circuit or system. This typically results in a substantial overhead and/or performance degradation. This thesis considers side-channel security at a design time with as goal to improve one or more parameters from power, implementation area, and latency. A first contribution is a new secure logic style, the Three-Phase Dynamic Current Mode Logic style (TPDyCML). This logic style is robust against side-channel attacks and reduces the power consumption compared with other three-phase based dual-rail based secure logic styles such as the Three-Phase Dual-rail Pre-charge Logic (TDPL) style. Even though the TDPL offers a high security level due to its three-phase operation, this logic style consumes twice as much power as other well-known secure logic styles with two-phase operation, such a the Sense Amplifier Based Logic style (SABL). However, our TPDyCML has a power consumption similar to that of SABL. To evaluate the security of TPDyCML, we use the normalized energy deviation (NED), the normalized standard deviation (NSD), and mutual information analysis (MIA). The latter one is particularly suited to compare secure logic styles. Our simulation-based evaluation shows that TPDyCML has the best security property and a more constant power consumption than other secure logic styles such as SABL, DyCML, and TDPL. In addition, TPDyCML consumes less power than TDPL and similar power as SABL. Therefore, TPDyCML is a practical low-power solution that offers a strong protection against side-channel attacks. Typically, secure logic styles increase the implementation area due to the dual-rail configuration and additional circuitry to keep the power consumption constant. Therefore, we propose an efficient design method to create a balanced compact NMOS tree that can be applied in any secure logic style. The balanced compact NMOS tree represents a complex Boolean function. The internal configuration is realized via a binary decision diagram (BDD). Using a BDD, we can configure the balanced NMOS tree with internal nodes that are fully connected to output nodes. This fully connected circuit efficiently mitigates the memory effect which has a positive effect on the security level. In addition, the compact NMOS tree for large Boolean functions results in a reduction of implementation area and latency. There are many open source library for BDD. In our research, we use Colorado University Decision Diagram (CUDD) because of its widespread usage. In addition to countermeasures at the transistor level, one can also use standard cell logic. In deep-sub micron technology, the Non-Recurrent Engineering (NRE) cost increases exponentially, which makes countermeasures through standard cell logic very appealing. This thesis proposes a new balanced circuit that is resistant to side-channel attacks. A normal BDD has an implementation area that increases exponentially with the number of input and output values. We substantially reduce this area with a balanced circuit based on a Shared reduced ordered Binary Decision Diagram (SBDD). Due to the characteristic of SBDD with multiple output functions, more internal gates can be shared. From this optimization, we propose the side-channel tolerant balanced circuit (STBC), which results in a implementation area that is 13 smaller than that of DP-BDD, which was so far the best BDD-based countermeasure. As suggested by its name, our SBDD circuit has a balanced configuration; moreover, its critical path delay is independent of the input values. For the security evaluation, we use a fixed versus random t-test. The security and performance analysis confirm that STBC offers strong protection against side-channel attacks.
more목차
Contents
Acknowledgements i
Abstract iii
Abbreviations vii
I Side-Channel Security by Design: Hardware Level Countermeasures 1
1 Introduction 3
1.1 Background/Motivation . . . . . . . . . . . . . . . . . . . . . . . 3
1.2 Overview of Results/Contributions . . . . . . . . . . . . . . . . . 8
1.3 Structure of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . 13
2 Side-channel countermeasures built into the design 15
2.1 Three Phase Dynamic Current Mode Logic: A more secure DyCML to achieve a more balanced power consumption ..15
2.2 Mutual Information Evaluation for Three-Phase Dynamic Current Mode Logic . . . . . . . . . . . . . . . . . . . . 22
2.3 Binary Decision Diagram to design balanced secure logic styles . 27
2.4 STBC: Side Channel Attack Tolerant Balanced Circuit with Reduced Propagation Delay . . . . . . . . .. . . . 35
3 Conclusion 43
3.1 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
3.2 Open Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
3.2.1 Di_erent fan-in and fan-out e_ects due to sharing an internal node and internal gate. . . . . . . . . . . . . . . . . 46
3.2.2 Back end design issue such as place and routing for a balanced circuit design . . . . . . . . . . . . . . . . . . . . 47
3.2.3 Design automation for a uni_ed hardware countermeasure against various physical attacks . . . . . . . .. . 48
Bibliography 56
II Publications 58
List of Publications 60
Three Phase Dynamic Current Mode Logic: A more secure DyCML to achieve a more balanced power consumption 62
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
2 Background and Related Work . . . . . . . . . . . . . . . . . . . 67
2.1 Sense Ampli_er Based Logic Style(SABL) . . . . . . . . . 67
2.2 Dynamic Current Mode Logic Style(DyCML) . . . . . . . 68
3 Three Phase Dynamic Current Mode Logic . . . . . . . . . . . . 70
3.1 Structure of the proposed Logic . . . . . . . . . . . . . . . 70
3.2 Operation of the proposed logic . . . . . . . . . . . . . . . 71
4 Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
4.1 Unbalanced capacitance load test . . . . . . . . . . . . . . 74
4.2 AES S-box simulation . . . . . . . . . . . . . . . . . . . . 78
5 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Furtherwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Mutual Information Analysis for Three-Phase Dynamic Current
Mode Logic against Side-Channel Attack 84
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
2 TPDyCML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
2.1 Structure of TPDyCML . . . . . . . . . . . . . . . . . . . 93
2.2 Operation of TPDyCML . . . . . . . . . . . . . . . . . . . 94
3 AES S-box Implementation . . . . . . . . . . . . . . . . . . . . . 95
3.1 BDD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
3.2 AES Composite Field Optimization Using BDD . . . . . . 97
4 CPA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
4.1 Simulation Attack Using CPA . . . . . . . . . . . . . . . . 99
4.2 CMOS versus TPDyCML . . . . . . . . . . . . . . . . . . 100
5 MIA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
5.1 Information Theoretic Analysis . . . . . . . . . . . . . . . 103
5.2 MIA Results for Secure Logic . . . . . . . . . . . . . . . . 105
6 Conclusion and Further work . . . . . . . . . . . . . . . . . . . . 107
Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Binary decision diagram to design balanced secure logic styles 113
1 introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
2 Previous Secure Logic Design Methods . . . . . . . . . . . . . . 116
2.1 Secure Logic Styles with custom basic gates . . . . . . . . 116
2.2 Previous fully connected methods . . . . . . . . . . . . . . 117
2.3 Previous BDD-based secure design methods . . . . . . . . 118
3 Security evaluation criteria . . . . . . . . . . . . . . . . . . . . . 118
3.1 NED, NSD, and MCV . . . . . . . . . . . . . . . . . . . . 119
3.2 MIA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
4 Our proposed design method . . . . . . . . . . . . . . . . . . . . 121
4.1 BDD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
5 Case study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
5.1 Basic construction procedure . . . . . . . . . . . . . . . . 125
5.2 Secure AES S-box design . . . . . . . . . . . . . . . . . . 129
6 Simulation results . . . . . . . . . . . . . . . . . . . . . . . . . . 129
7 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
STBC: Side Channel Attack Tolerant Balanced Circuit with Reduced Propagation Delay 136
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
2 Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
2.1 BDD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
2.2 Propagation delay problem . . . . . . . . . . . . . . . . . 142
3 Proposed STBC method . . . . . . . . . . . . . . . . . . . . . . 144
3.1 Structure of STBC . . . . . . . . . . . . . . . . . . . . . . 144
3.2 Operation of an STBC . . . . . . . . . . . . . . . . . . . . 146
3.3 Advantages of STBC . . . . . . . . . . . . . . . . . . . . . 148
4 Simulation results . . . . . . . . . . . . . . . . . . . . . . . . . . 149
4.1 Case study . . . . . . . . . . . . . . . . . . . . . . . . . . 149
4.2 Security analysis . . . . . . . . . . . . . . . . . . . . . . . 150
4.3 Performance comparison . . . . . . . . . . . . . . . . . . . 152
5 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Curriculum 159
