Side-Channel Power Resistance for Encryption Algorithms Using Implementation Diversity
This paper investigates countermeasures to side-channel attacks. A dynamic partial reconfiguration (DPR) method is proposed for field programmable gate arrays (FPGAs) to make techniques such as differential power analysis (DPA) and correlation power analysis (CPA) difficult and ineffective. We call...
Main Authors: | Ivan Bow, Nahome Bete, Fareena Saqib, Wenjie Che, Chintan Patel, Ryan Robucci, Calvin Chan, Jim Plusquellic |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG 2020-04-01 |
Series: | Cryptography |
Subjects: | |
Online Access: | https://www.mdpi.com/2410-387X/4/2/13 |
_version_ | 1797570882940436480 |
---|---|
author | Ivan Bow Nahome Bete Fareena Saqib Wenjie Che Chintan Patel Ryan Robucci Calvin Chan Jim Plusquellic |
author_sort | Ivan Bow |
collection | DOAJ |
description | This paper investigates countermeasures to side-channel attacks. A dynamic partial reconfiguration (DPR) method is proposed for field programmable gate arrays (FPGAs) to make techniques such as differential power analysis (DPA) and correlation power analysis (CPA) difficult and ineffective. We call the technique side-channel power resistance for encryption algorithms using DPR, or SPREAD. SPREAD is designed to reduce cryptographic key related signal correlations in power supply transients by changing components of the hardware implementation on-the-fly using DPR. Replicated primitives within the advanced encryption standard (AES) algorithm, in particular, the substitution-boxes (SBOXs), are synthesized to multiple and distinct gate-level implementations. The different implementations change the delay characteristics of the SBOXs, reducing correlations in the power traces, which, in turn, increases the difficulty of side-channel attacks. The effectiveness of the proposed countermeasures depends greatly on this principle; therefore, the focus of this paper is on the evaluation of implementation diversity techniques. |
first_indexed | 2024-03-10T20:31:45Z |
format | Article |
id | doaj.art-33589d0299b14a97a0b3102ea185dc1c |
institution | Directory Open Access Journal |
issn | 2410-387X |
language | English |
last_indexed | 2024-03-10T20:31:45Z |
publishDate | 2020-04-01 |
publisher | MDPI AG |
record_format | Article |
series | Cryptography |
spelling | doaj.art-33589d0299b14a97a0b3102ea185dc1c; 2023-11-19T21:18:35Z; eng; MDPI AG; Cryptography; 2410-387X; 2020-04-01; 4; 2; 13; 10.3390/cryptography4020013; Side-Channel Power Resistance for Encryption Algorithms Using Implementation Diversity; Ivan Bow (Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA); Nahome Bete (Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA); Fareena Saqib (Department of Electrical and Computer Engineering, University of North Carolina, Charlotte, NC 27599, USA); Wenjie Che (Klipsch School of Electrical and Computer Engineering, New Mexico State University, Las Cruces, NM 88003, USA); Chintan Patel (Department of Electrical Engineering and Computer Science, University of Maryland, Baltimore County, MD 20742, USA); Ryan Robucci (Department of Electrical Engineering and Computer Science, University of Maryland, Baltimore County, MD 20742, USA); Calvin Chan (Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA); Jim Plusquellic (Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA) |
title | Side-Channel Power Resistance for Encryption Algorithms Using Implementation Diversity |
topic | side-channel attack countermeasure FPGA dynamic partial reconfiguration implementation diversity moving target architecture |
url | https://www.mdpi.com/2410-387X/4/2/13 |