Gate-Level Hardware Countermeasure Comparison against Power Analysis Attacks

Tena-Sánchez, Erica; Potestad-Ordonez, F. E.; Jimenez-Fernandez, C. J.; Acosta, Antonio; Chaves, Ricardo

doi:10.3390/app12052390

Cited by 5 publications

(3 citation statements)

References 73 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In case of detecting an increment in power leakage information, combined DFA and DPA countermeasures can be implemented. In this sense, in the literature a wide range of DPA countermeasures have been proposed that could be compatible with the DFA countermeasures proposed in this paper, as for example the ones focused at gate-level [54].…”

Section: Power Analysis Evaluationmentioning

confidence: 82%

Design and Evaluation of Countermeasures Against Fault Injection Attacks and Power Side-Channel Leakage Exploration for AES Block Cipher

et al. 2022

Self Cite

View full text Add to dashboard Cite

Differential Fault Analysis (DFA) and Power Analysis (PA) attacks, have become the main methods for exploiting the vulnerabilities of physical implementations of block ciphers, currently used in a multitude of applications, such as the Advanced Encryption Standard (AES). In order to minimize these types of vulnerabilities, several mechanisms have been proposed to detect fault attacks. However, these mechanisms can have a significant cost, not fully covering the implementations against fault attacks or not taking into account the leakage of the information exploitable by the power analysis attacks. In this paper, four different approaches are proposed with the aim of protecting the AES block cipher against DFA. The proposed solutions are based on Hamming code and parity bits as signature generators for the internal state of the AES cipher. These allow to detect DFA exploitable faults, from bit to byte level. The proposed solutions have been applied to a T-box based AES block cipher implemented on Field Programmable Gate Array (FPGA). Experimental results suggest a fault coverage of 98.5% and 99.99% with an area penalty of 9% and 36% respectively, for the parity bit signature generators and a fault coverage of 100% with an area penalty of 18% and 42% respectively when Hamming code signature generator is used. In addition, none of the proposed countermeasures impose a frequency degradation, in respect to the unprotected cipher. The proposed work goes further in the evaluation of the proposed DFA countermeasures by evaluating the impact of these structures in terms of power side-channel. The obtained results suggest that no extra information leakage is produced that can be exploited by PA. Overall, the proposed DFA countermeasures provide a high fault coverage protection with a low cost in terms of area and power consumption and no PA security degradation.

show abstract

Section: Power Analysis Evaluationmentioning

confidence: 82%

Design and Evaluation of Countermeasures Against Fault Injection Attacks and Power Side-Channel Leakage Exploration for AES Block Cipher

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…That is why the need to include hardware countermeasures to prevent such attacks. For this purpose, there is a wide range of possibilities that, depending on the requirements and limitations of the application, we can choose from and that can best fit our design [14].…”

Section: Case Of Study and Resultsmentioning

confidence: 99%

A Security Comparison between AES-128 and AES-256 FPGA implementations against DPA attacks

González,

Tena-Sanchez,

Acosta

2023

2023 38th Conference on Design of Circuits and Integrated Systems (DCIS)

Self Cite

View full text Add to dashboard Cite

As the AES is the standard symmetric cipher selected by NIST, is the best-known and the most widely used block cipher. Consequently, security threats are constantly rising and increasingly powerful. With the addition of the upcoming scenario of quantum computing, these threats have become a front-line concern in the crypto-community. Although is claimed that using larger key sizes in symmetric key algorithms for implementing quantum-resistant implementations is enough to counteract brute force attacks, this paper shows that both AES-128 and AES-256 are vulnerable to Power Analysis attacks. This paper presents a security comparison against Differential Power Analysis (DPA) attacks over both AES 128-256. Through experimental attacks in FPGA AES implementations, results show that although AES-256 reaches a greater level of security than AES-128, is still vulnerable to this kind of attack. Specifically, we have obtained 75% of the bytes needed to find the original key for AES-128 while only 28.125% for AES-256 by performing the same attack.

show abstract

“…There are various attack techniques that vary greatly in terms of the execution cost and time, equipment needed, and expertise required. These two characteristics can be used to classify them as active or passive and invasive or non-invasive [ 7 , 8 ]. Figure 1 summarizes the attack classification.…”

Section: Introductionmentioning

confidence: 99%

Protecting FPGA-Based Cryptohardware Implementations from Fault Attacks Using ADCs

Potestad-Ordóñez,

Casado-Galán,

Tena-Sánchez

2024

Sensors

Self Cite

View full text Add to dashboard Cite

The majority of data exchanged between connected devices are confidential and must be protected against unauthorized access. To ensure data protection, so-called cryptographic algorithms are used. These algorithms have proven to be mathematically secure against brute force due to the key length, but their physical implementations are vulnerable against physical attacks. The physical implementation of these algorithms can result in the disclosure of information that can be used to access confidential data. Some of the most powerful hardware attacks presented in the literature are called fault injection attacks. These attacks involve introducing a malfunction into the normal operation of the device and then analyzing the data obtained by comparing them with the expected behavior. Some of the most common methods for injecting faults are the variation of the supply voltage and temperature or the injection of electromagnetic pulses. In this paper, a hardware design methodology using analog-to-digital converters (ADCs) is presented to detect attacks on cryptocircuits and prevent information leakage during fault injection attacks. To assess the effectiveness of the proposed design approach, FPGA-based ADC modules were designed that detect changes in temperature and supply voltage. Two setups were implemented to test the scheme against voltage and temperature variations and injections of electromagnetic pulses. The results obtained demonstrate that, in 100% of the cases, when the correct operating voltage and temperature range were established, the detectors could activate an alarm signal when the cryptographic module was attacked, thus avoiding confidential information leakage and protecting data from being exploited.

show abstract

Gate-Level Hardware Countermeasure Comparison against Power Analysis Attacks

Cited by 5 publications

References 73 publications

Design and Evaluation of Countermeasures Against Fault Injection Attacks and Power Side-Channel Leakage Exploration for AES Block Cipher

Design and Evaluation of Countermeasures Against Fault Injection Attacks and Power Side-Channel Leakage Exploration for AES Block Cipher

A Security Comparison between AES-128 and AES-256 FPGA implementations against DPA attacks

Protecting FPGA-Based Cryptohardware Implementations from Fault Attacks Using ADCs

Contact Info

Product

Resources

About