In the side-channel session of this years FPL conference in Oslo, Le
Masle et al. presented a novel framework to detect power attacks on crypto-systems implemented on
reconfigurable hardware. Roughly speaking, rather than putting expensive countermeasures
in place, their strategy is to shut down the device as soon as a power analysis
attack is mounted. Detection of a power analysis attack is done by monitoring the
device supply voltage with a ring oscillator-based on-chip power monitor. With
such a power monitor in place, it is possible to observe the power supply
voltage to make assumptions whether a power measurement circuit has been
inserted onto a device’s power rail. The entire framework is relatively cheap
to implement in hardware, it only takes 3300 LUTs of a Spartan-6 LX45 FPGA,
which is 12% of the total area available.
In the second paper of the session,
Mane et al. discussed a “new’ approach to efficiently and “securely” implement
block ciphers, taking AES as an example. Their approach is more or less a version
of hiding, where the goal is to keep the power consumption constant, by keeping
the number of bit flips in each cycle constant. For their AES implementation,
they use a second look-up table that holds the complementary bits of the
original AES look-up table. In addition, they use a special data format, where each 32-bit word is split
into two balanced half-words, and each bit from the original word is
interleaved with an associated complementary bit. In theory, such a solution
should result in constant bit flips, however, everyone who attempted to
implement hiding countermeasures in practice knows about the difficulty to do
this in secure way. The main challenge is to perfectly balance the circuits for
each data bit with its complementary counterpart, a task that is almost impossible to realize on an FPGA device.
No comments:
Post a Comment