
A Comprehensive FPGA-Based Assessment on Fault-Resistant AES against Correlation Power Analysis Attack

Journal of Electronic Testing

Abstract

The secret key used in a cryptosystem can be retrieved by physical attacks such as side-channel analysis (SCA) and fault analysis (FA). Traditionally, countermeasures against different physical attacks have been developed separately. To lay a solid foundation for countermeasures against the emerging combined attacks, it is essential to study thoroughly how the countermeasure for one attack affects the efficiency of the other. In this work, we use an FPGA-based platform to investigate whether, and how, FA countermeasures influence the efficiency of the correlation power analysis (CPA) attack. Unlike previous work, which relied on simulations of the S-box alone, our assessments are based on FPGA emulation of the entire AES. In addition to considering different error detection codes, we compare the key retrieval speed of the CPA attack under different power models, redundancy types for fault detection, choices of which modules are fault-protected, and practical FPGA synthesis optimizations. Furthermore, we propose a new countermeasure that integrates dynamic masking and error deflection to thwart CPA and FA attacks simultaneously. Experimental results show that with 100,000 power traces our method prevents the key leakage, while the other methods leak at least five AES subkey bytes. Our simulations also confirm that the proposed method reduces the success rate of FA attacks by up to 90% compared with the other methods.




Author information

Corresponding author

Correspondence to Qiaoyan Yu.

Additional information

Responsible Editor: O. Sinanoglu


About this article


Cite this article

Dofe, J., Pahlevanzadeh, H. & Yu, Q. A Comprehensive FPGA-Based Assessment on Fault-Resistant AES against Correlation Power Analysis Attack. J Electron Test 32, 611–624 (2016). https://doi.org/10.1007/s10836-016-5598-9
