Multiprocessor information concealment architecture to prevent power analysis-based side channel attacks

IET Computers & Digital Techniques

Side channel attackers observe external manifestations of internal computations in an embedded system to predict the encryption key employed. The ability to examine such external manifestations (power dissipation or electromagnetic emissions) is a major threat to secure embedded systems. This study proposes a secure multiprocessor architecture to prevent side channel attacks, based on a dual-core algorithmic balancing technique, where two identical cores are used. Both cores use a single clock and encrypt simultaneously, with one core executing the original encryption, whereas the second executes the complementary encryption. This effectively balances the crucial information from the power profile (note that it is the information and not the power profile itself), hiding the actual key from the adversary attempting an attack based on differential power analysis (DPA). The two cores normally execute different tasks, but will encrypt together to foil a side channel attack. The authors show that, when their technique is applied, DPA fails on the most common block ciphers, the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES), leaving the attacker with little useful information with which to perpetrate an attack.
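The balancing idea in the abstract can be checked with a small leakage-assessment simulation. This is an added example, not code from the paper: it assumes a Hamming-weight power model, assumes the second core handles the bitwise complement of each intermediate value, and uses a constructed key byte, noise level and a hypothetical `mismatch` parameter for imperfectly matched cores.

```python
import random

NOISE_SIGMA = 1.0  # assumed measurement noise, arbitrary units


def hw(x):
    """Hamming weight of an 8-bit value."""
    return bin(x & 0xFF).count("1")


def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5


def leakage_correlation(balanced, mismatch=0.0, n_traces=5000,
                        key=0x3C, seed=1):
    """Correlate the known intermediate's Hamming weight with simulated power.

    balanced=False: one core leaks HW(v).
    balanced=True:  a second core processes ~v on the same clock, so the
                    data-dependent part is HW(v) + (1 - mismatch) * HW(~v).
    key is a constructed sample key byte; mismatch is a hypothetical
    parameter modelling unequal power draw between the two cores.
    """
    rng = random.Random(seed)
    model, power = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)          # random plaintext byte
        v = p ^ key                     # intermediate value on core 1
        sample = float(hw(v))
        if balanced:
            sample += (1.0 - mismatch) * hw(~v & 0xFF)
        sample += rng.gauss(0.0, NOISE_SIGMA)
        model.append(hw(v))
        power.append(sample)
    return pearson(model, power)


if __name__ == "__main__":
    print("single core      :", round(leakage_correlation(False), 3))
    print("balanced         :", round(leakage_correlation(True), 3))
    print("balanced, 20% off:", round(leakage_correlation(True, 0.2), 3))
```

With perfect balance, HW(v) + HW(~v) is always 8, so the key-dependent term drops out of the trace; any mismatch between the cores in this model reintroduces a scaled copy of it.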

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-cdt.2009.0097