Abstract
Low power consumption, low gate count, and high throughput are standard design criteria for cryptographic coprocessors intended for resource-constrained devices such as smart cards. With the advent of side-channel attacks, a device's resistance to such attacks became another major requirement. This paper describes a cryptographic hardware module for the AES algorithm that provides complete protection against first-order differential power analysis by embedding a data-masking countermeasure at the hardware level. We concentrate on inversion in GF(2^8), since this is the only non-linear operation and therefore the only one that requires complex transformations on the masked data and on the bits of the masks. The simulation and synthesis results confirm that the proposed solution is suitable for applications in GSM and ad-hoc networks in terms of performance, gate count and power consumption. To our knowledge, this is the first implementation of a side-channel-resistant AES hardware module suitable for smart cards and SIM cards.
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Trichina, E., Korkishko, T. (2005). Secure AES Hardware Module for Resource Constrained Devices. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds) Security in Ad-hoc and Sensor Networks. ESAS 2004. Lecture Notes in Computer Science, vol 3313. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30496-8_18
DOI: https://doi.org/10.1007/978-3-540-30496-8_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24396-0
Online ISBN: 978-3-540-30496-8