TY - GEN
T1 - Combined SCA and DFA countermeasures integrable in a FPGA design flow
AU - Bhasin, Shivam
AU - Danger, Jean Luc
AU - Flament, Florent
AU - Graba, Tarik
AU - Guilley, Sylvain
AU - Mathieu, Yves
AU - Nassar, Maxime
AU - Sauvage, Laurent
AU - Selmane, Nidhal
PY - 2009/12/1
Y1 - 2009/12/1
N2 - The main challenge when implementing cryptographic algorithms in hardware is to protect them against attacks that target directly the device. Two strategies are customarily employed by malevolent adversaries: observation and differential perturbation attacks, also called SCA and DFA in the abundant scientific literature on this topic. Numerous research efforts have been carried out to defeat respectively SCA or DFA. However, few publications deal with concomitant protection against both threats. The current consensus is to devise algorithmic countermeasures to DFA and subsequently to synthesize the DFA-protected design thanks to a DPA-resistant CAD flow. In this article, we put to the fore that this approach is the best neither in terms of performance nor of relevance. Notably, the contribution of this paper is to demonstrate that the strongest SCA countermeasure known so far, namely the dual-rail with precharge logic styles that do not evaluate early, happen surprisingly to be almost natively immune to most DFAs. Therefore, unexpected two-in-one solutions against SCA and DFA indeed exist and deserve a closer attention, because they ally simplicity with efficiency. In particular, we illustrate a logic style, called WDDL without early evaluation (WDDL w/o EE), and a design flow that realizes in practice one possible combined DPA and DFA counter-measure especially suited for reconfigurable hardware.
AB - The main challenge when implementing cryptographic algorithms in hardware is to protect them against attacks that target directly the device. Two strategies are customarily employed by malevolent adversaries: observation and differential perturbation attacks, also called SCA and DFA in the abundant scientific literature on this topic. Numerous research efforts have been carried out to defeat respectively SCA or DFA. However, few publications deal with concomitant protection against both threats. The current consensus is to devise algorithmic countermeasures to DFA and subsequently to synthesize the DFA-protected design thanks to a DPA-resistant CAD flow. In this article, we put to the fore that this approach is the best neither in terms of performance nor of relevance. Notably, the contribution of this paper is to demonstrate that the strongest SCA countermeasure known so far, namely the dual-rail with precharge logic styles that do not evaluate early, happen surprisingly to be almost natively immune to most DFAs. Therefore, unexpected two-in-one solutions against SCA and DFA indeed exist and deserve a closer attention, because they ally simplicity with efficiency. In particular, we illustrate a logic style, called WDDL without early evaluation (WDDL w/o EE), and a design flow that realizes in practice one possible combined DPA and DFA counter-measure especially suited for reconfigurable hardware.
KW - Computer-Aided Design (CAD)
KW - Differential Fault Analysis (DFA)
KW - Differential Power Analysis (DPA)
KW - Dual-rail with Precharge Logic (DPL)
KW - Early Evaluation (EE)
KW - Field Programmable Gates Array (FPGA)
KW - Side-Channel Analysis (SCA)
KW - Wave Dynamic Differential Logic (WDDL)
U2 - 10.1109/ReConFig.2009.50
DO - 10.1109/ReConFig.2009.50
M3 - Conference contribution
AN - SCOPUS:77950511615
SN - 9780769539171
T3 - ReConFig'09 - 2009 International Conference on ReConFigurable Computing and FPGAs
SP - 213
EP - 218
BT - ReConFig'09 - 2009 International Conference on ReConFigurable Computing and FPGAs
T2 - 2009 International Conference on ReConFigurable Computing and FPGAs, ReConFig'09
Y2 - 9 December 2009 through 11 December 2009
ER -