Abstract
Leaks inside semi-custom ASIC (Application Specific Integrated Circuit) design primitives are rigorously investigated. The study is conducted by measuring a dedicated TEG (Test Element Group) chip with a small magnetic-field probe on the chip surface. The measurement targets are standard cells and a memory macro cell. The study focuses on leaks inside these primitives because many conventional countermeasures place their measurability boundaries on these primitives. First, it is shown that the current-path leak, a leak based on the input-dependent active current path within a standard cell [1], is measurable. Major gate-level countermeasures (RSL, MDPL, and WDDL) become vulnerable if the current-path leak is considered. Second, it is shown that the internal-gate leak, a leak based on a non-linear sub-circuit within an XOR cell, is measurable. It can be exploited to bias the distribution of the random mask. Third, it is shown that the geometric leak, a leak based on the geometric layout of the memory matrix structure, is measurable. It is a leak correlated with the integer representation of the memory address. We also show that a ROM-based countermeasure (Dual-rail RSL memory [10]) becomes vulnerable when the geometric leak is considered. A general transistor-level design method to counteract the current-path and internal-gate leaks is also shown.
References
Takahashi, Y.: Cryptographic Module Evaluation Methods for Resistance against Power Analysis Attacks. Doctoral thesis, Yokohama National University (2012)
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. CRYPTO (1999)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer (2007)
Suzuki, D., Saeki, M., Ichikawa, T.: DPA Leakage Models for CMOS Logic Circuits. CHES (2005)
Maghrebi, H., Prouff, E., Guilley, S., Danger, J.-L.: A First-Order Leak-Free Masking Countermeasure. CT-RSA (2012)
Moradi, A., Mischke, O., Eisenbarth, T.: Correlation-Enhanced Power Analysis Collision Attack. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 125–139. Springer, Heidelberg (2010)
Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and electromagnetic analysis: Improved model, consequences and comparisons. Integration, the VLSI Journal 40(1), 52–60 (2007)
Mangard, S., Schramm, K.: Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76–90. Springer, Heidelberg (2006)
Suzuki, D., Saeki, M., Ichikawa, T.: Random Switching Logic: A Countermeasure against DPA based on Transition Probability. IACR Cryptology ePrint Archive 2004: 346 (2004)
Li, Y., Sakiyama, K., Gomisawa, S., Fukunaga, T., Takahashi, J., Ohta, K.: Fault Sensitivity Analysis. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 320–334. Springer, Heidelberg (2010)
Silicon zoo, Megamos chip XOR gate, http://www.siliconzoo.org/megamos.html
Hoogvorst, P., Duc, G., Danger, J.-L.: Software Implementation of Dual-Rail Representation. In: COSADE 2011 (2011)
Shah, S., Velegalati, R., Kaps, J.-P., Hwang, D.: Investigation of DPA Resistance of Block RAMs in Cryptographic Implementations on FPGAs. Reconfig 2010 (2010)
Konur, E., Ozelci, Y., Arikan, E., Eksi, U.: Power Analysis Resistant SRAM. In: WAC 2006 (2006)
Rožić, V., Dehaene, W., Verbauwhede, I.: Design Solutions for Securing SRAM Cell Against Power Analysis. In: HOST 2012 (2012)
Side-channel Attack Standard Evaluation Board (SASEBO-RII), http://www.morita-tech.co.jp/SAKURA/en/hardware/SASEBO-RII.html
Tiri, K., Schaumont, P.: Changing the Odds against Masked Logic. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 134–146. Springer, Heidelberg (2007)
Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: DATE 2004 (2004)
Uyemura, J.P.: Introduction to VLSI Circuits and Systems. Wiley (2001)
Hashimoto, Y., Iwai, K., Shiozaki, M., Asagawa, S., Ukai, S., Fujino, T.: AES Cryptographic Circuit utilizing Dual-Rail RSL Memory Technique. In: The 29th Symposium on Cryptography and Information Security (2012) (in Japanese)
Copyright information
© 2013 International Association for Cryptologic Research
About this paper
Cite this paper
Sugawara, T., Suzuki, D., Saeki, M., Shiozaki, M., Fujino, T. (2013). On Measurable Side-Channel Leaks Inside ASIC Design Primitives. In: Bertoni, G., Coron, JS. (eds) Cryptographic Hardware and Embedded Systems - CHES 2013. CHES 2013. Lecture Notes in Computer Science, vol 8086. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40349-1_10
DOI: https://doi.org/10.1007/978-3-642-40349-1_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40348-4
Online ISBN: 978-3-642-40349-1
eBook Packages: Computer Science (R0)