TY - GEN
T1 - Evaluation of power-constant dual-rail logic as a protection of cryptographic applications in FPGAs
AU - Guilley, S.
AU - Sauvage, L.
AU - Danger, J. L.
AU - Graba, T.
AU - Mathieu, Y.
PY - 2008/9/19
Y1 - 2008/9/19
N2 - FPGAs are often considered for high-end applications that require embedded cryptography. These devices must thus be protected against physical attacks. However, unlike ASICs, in which custom and backend-level counter-measures can be devised, FPGAs offer less possibilities for a designer to implement counter-measures. We investigate "wave dynamic differential logic" (WDDL), a logic-level counter-measure based on leakage hiding thanks to balanced dual-rail logic. First of all, we report a CAD methodology for achieving WDDL in FPGA. An experimental security evaluation of the DES (or triple-DES) encryption algorithm in WDDL shows that the usage of positive logic is mandatory to resist to straightforward attacks. Second, we discuss how to reduce the size overhead associated with WDDL. The efficiency of some synthesizers is assessed. In the case of DES, we provide with an original heuristic to obtain substitution boxes smaller than those generated automatically with legacy ASIC synthesizers.
AB - FPGAs are often considered for high-end applications that require embedded cryptography. These devices must thus be protected against physical attacks. However, unlike ASICs, in which custom and backend-level counter-measures can be devised, FPGAs offer less possibilities for a designer to implement counter-measures. We investigate "wave dynamic differential logic" (WDDL), a logic-level counter-measure based on leakage hiding thanks to balanced dual-rail logic. First of all, we report a CAD methodology for achieving WDDL in FPGA. An experimental security evaluation of the DES (or triple-DES) encryption algorithm in WDDL shows that the usage of positive logic is mandatory to resist to straightforward attacks. Second, we discuss how to reduce the size overhead associated with WDDL. The efficiency of some synthesizers is assessed. In the case of DES, we provide with an original heuristic to obtain substitution boxes smaller than those generated automatically with legacy ASIC synthesizers.
U2 - 10.1109/SSIRI.2008.31
DO - 10.1109/SSIRI.2008.31
M3 - Conference contribution
AN - SCOPUS:51749102409
SN - 9780769532660
T3 - Proceedings - The 2nd IEEE International Conference on Secure System Integration and Reliability Improvement, SSIRI 2008
SP - 16
EP - 23
BT - Proceedings - The 2nd IEEE International Conference on Secure System Integration and Reliability Improvement, SSIRI 2008
T2 - 2nd IEEE International Conference on Secure System Integration and Reliability Improvement, SSIRI 2008
Y2 - 14 July 2008 through 17 July 2008
ER -