Friday, August 31, 2012

FPL 2012, First day

In the side-channel session of this year's FPL conference in Oslo, Le Masle et al. presented a novel framework to detect power attacks on cryptosystems implemented on reconfigurable hardware. Roughly speaking, rather than putting expensive countermeasures in place, their strategy is to shut down the device as soon as a power analysis attack is mounted. Detection of a power analysis attack is done by monitoring the device supply voltage with a ring oscillator-based on-chip power monitor. With such a power monitor in place, it is possible to observe the power supply voltage and infer whether a power measurement circuit has been inserted onto the device's power rail. The entire framework is relatively cheap to implement in hardware: it takes only 3300 LUTs of a Spartan-6 LX45 FPGA, which is 12% of the total area available.

In the second paper of the session, Mane et al. discussed a “new” approach to efficiently and “securely” implement block ciphers, taking AES as an example. Their approach is more or less a version of hiding, where the goal is to keep the power consumption constant by keeping the number of bit flips in each cycle constant. For their AES implementation, they use a second look-up table that holds the complementary bits of the original AES look-up table. In addition, they use a special data format in which each 32-bit word is split into two balanced half-words, and each bit from the original word is interleaved with an associated complementary bit. In theory, such a solution should result in constant bit flips. However, everyone who has attempted to implement hiding countermeasures in practice knows how difficult it is to do this in a secure way. The main challenge is to perfectly balance the circuits for each data bit with its complementary counterpart, a task that is almost impossible to realize on an FPGA device.
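The balanced data format described above, as an added example that is not code from Mane et al. or from the original post. The bit ordering (data bit at position 2i, complement at 2i+1), the function names, the sample words and the toy leakage model with its `mismatch` parameter are assumptions made for illustration; the example shows that every encoded half-word has the same weight, and that a small imbalance between a bit and its complement makes the leakage data-dependent again.

```python
# Added illustration: bit ordering and leakage model are assumptions.
MASK16 = 0xFFFF

def interleave(half):
    """Encode a 16-bit half-word as 32 bits: data bit i goes to
    position 2i, its complement to position 2i+1 (assumed ordering)."""
    out = 0
    for i in range(16):
        b = (half >> i) & 1
        out |= b << (2 * i)
        out |= (b ^ 1) << (2 * i + 1)
    return out

def encode(word32):
    """Split a 32-bit word into two balanced 32-bit encodings."""
    return interleave(word32 & MASK16), interleave((word32 >> 16) & MASK16)

def decode(lo, hi):
    """Recover the 32-bit word; reject pairs that are not complementary."""
    word = 0
    for j, enc in enumerate((lo, hi)):
        for i in range(16):
            b = (enc >> (2 * i)) & 1
            c = (enc >> (2 * i + 1)) & 1
            if b == c:
                raise ValueError("bit pair is not balanced")
            word |= b << (16 * j + i)
    return word

def leakage(enc, mismatch=0.0):
    """Toy power model: a set data-rail bit costs 1.0, a set
    complement-rail bit costs 1.0 + mismatch (e.g. unequal routing)."""
    total = 0.0
    for i in range(16):
        total += (enc >> (2 * i)) & 1
        total += ((enc >> (2 * i + 1)) & 1) * (1.0 + mismatch)
    return total

def leakage_spread(words, mismatch):
    """Max minus min leakage over all encoded half-words of `words`."""
    vals = [leakage(e, mismatch) for w in words for e in encode(w)]
    return max(vals) - min(vals)

# Constructed sample words, not taken from the paper.
SAMPLES = [0x00000000, 0xFFFFFFFF, 0x63636363, 0xDEADBEEF, 0x0000FFFF]

if __name__ == "__main__":
    print("ideal spread:     ", leakage_spread(SAMPLES, 0.0))
    print("5% mismatch spread:", leakage_spread(SAMPLES, 0.05))
```

With perfectly matched rails the spread is zero; with a 5% mismatch the leakage again varies with the Hamming weight of the data, which is the balancing problem the paragraph points to.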

