
Effect of glitches against masked AES S-box implementation and countermeasure

IET Information Security

Masking of gates is one of the most popular techniques to prevent differential power analysis (DPA) of the AES algorithm. It has been shown that the logic circuits used in the implementation of cryptographic algorithms leak side-channel information in spite of masking, which can be exploited in differential power attacks. The phenomenon in CMOS circuits responsible for the leakage of masked circuits is known as glitching. Motivated by this fact, the authors analyse the effect of glitches in CMOS circuits against masked implementation of the AES S-box. The authors explicitly demonstrate that glitches do not always have an effect. There exists a relation between the combinational path delay of the circuit and the timing difference of the input vectors to the circuit, which has a bearing on the amount of information leaked by the masked gates. A balanced masked S-box circuit is proposed where the inputs are synchronised by sequential components. Detailed SPICE results are shown to support the claim that the modifications indeed reduce the vulnerability of the masked AES S-box against DPA attacks.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs_20080041