Shall we trust WDDL?

Sylvain Guilley; Sumanta Chaudhuri; Laurent Sauvage; Tarik Graba; Jean Luc Danger; Philippe Hoogvorst; Vinh Nga Vong; Maxime Nassar; Florent Flament

doi:10.1007/978-3-8348-9324-6_22

Shall we trust WDDL?

Sylvain Guilley
, Sumanta Chaudhuri
, Laurent Sauvage
, Tarik Graba
, Jean Luc Danger
, Philippe Hoogvorst
, Vinh Nga Vong
, Maxime Nassar
, Florent Flament

CNRS LTCI

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

Security is not only a matter of cryptographic algorithms robustness but becomes also a question of securing their implementation. P. Kocher's differential power analysis (DPA) is one of the many side-channel attacks that are more and more studied by the security community. Indeed, side-channel attacks (SCA) have proved to be very powerful on cryptographic algorithms such as DES and AES, customarily implemented in a wide variety of devices, ranging from smart-cards or ASICs to FPGAs. Among the proposed countermeasures, the dual-rail with precharge logic (DPL) aims at hiding information leaked by the circuit by making the power consumption independent of the calculation. However DPL logic could be subject to second order attacks exploiting timing difference between dual nets. In this article, we characterize by simulation, the vulnerability due to timing unbalance in the eight DES substitution boxes implemented in DPL WDDL style. The characterization results in a classification of the nodes according to their timing unbalance. Our results show that the timing unbalance is a major weakness of the WDDL logic, and that it could be used to retrieve the key using a DPA attack. This vulnerability has been experimentally observed on a full DES implementation using WDDL style for Altera Stratix EP1S25 FPGA.

Original language	English
Title of host publication	Future of Trust in Computing
Subtitle of host publication	Proceedings of the First International Conference Future of Trust in Computing 2008: With 58 Illustrations
Publisher	Vieweg+Teubner
Pages	208-215
Number of pages	8
ISBN (Print)	9783834807946
DOIs	https://doi.org/10.1007/978-3-8348-9324-6_22
Publication status	Published - 1 Dec 2009
Externally published	Yes

Access to Document

10.1007/978-3-8348-9324-6_22

Cite this

@inbook{6c3ee64b169545eb89d0fb1ba744d0c9,

title = "Shall we trust WDDL?",

abstract = "Security is not only a matter of cryptographic algorithms robustness but becomes also a question of securing their implementation. P. Kocher's differential power analysis (DPA) is one of the many side-channel attacks that are more and more studied by the security community. Indeed, side-channel attacks (SCA) have proved to be very powerful on cryptographic algorithms such as DES and AES, customarily implemented in a wide variety of devices, ranging from smart-cards or ASICs to FPGAs. Among the proposed countermeasures, the dual-rail with precharge logic (DPL) aims at hiding information leaked by the circuit by making the power consumption independent of the calculation. However DPL logic could be subject to second order attacks exploiting timing difference between dual nets. In this article, we characterize by simulation, the vulnerability due to timing unbalance in the eight DES substitution boxes implemented in DPL WDDL style. The characterization results in a classification of the nodes according to their timing unbalance. Our results show that the timing unbalance is a major weakness of the WDDL logic, and that it could be used to retrieve the key using a DPA attack. This vulnerability has been experimentally observed on a full DES implementation using WDDL style for Altera Stratix EP1S25 FPGA.",

author = "Sylvain Guilley and Sumanta Chaudhuri and Laurent Sauvage and Tarik Graba and Danger, \{Jean Luc\} and Philippe Hoogvorst and Vong, \{Vinh Nga\} and Maxime Nassar and Florent Flament",

year = "2009",

month = dec,

day = "1",

doi = "10.1007/978-3-8348-9324-6\_22",

language = "English",

isbn = "9783834807946",

pages = "208--215",