Hardening cryptographic algorithms inside an FPGA with the help of a PLL

Authors

Faculty of Electrical and Computer Engineering, University of Zanjan

Abstract

Today, information sharing in communication systems and computers requires very high security. Among the threats, side-channel attacks have always been one of the security challenges in the cryptography of systems, and they are used to attack cryptographic devices including smart cards. The aim of this paper is to present a new scheme for hardening cryptographic algorithms that are implemented in hardware on an FPGA. The basis of this scheme is the use of a phase-locked loop (PLL) in the AES cryptographic algorithm, which, by disturbing the power consumption and the execution times of different parts of the algorithm, raises the resistance of the cryptographic algorithms against power attacks. This method uses the two techniques of masking and hiding to protect the private encryption key. The proposed scheme has been simulated in TSMC 65nm technology and has shown considerable success: in AES encryption, with an overhead cost of 13% in CMOS area and a 15% increase in power consumption, it reduced the operating frequency by only 2% and made obtaining the correct key very difficult for the attacker. Furthermore, the proposed method has been implemented on an FPGA and satisfactory results have been obtained on an acceptable number of power traces.

Keywords


Article title [English]

Countermeasure cryptography algorithm by PLL to FPGA

Authors [English]

  • V. Rashtchi
  • H. Mousavi
Faculty of Electrical and Computer Engineering, University of Zanjan, Zanjan, Iran

Abstract [English]

Nowadays, sharing data in communication systems and computers requires a high level of information security. Side-channel attack is one of the methods applied to attack cryptographic systems such as smart cards. In this paper, a new approach for countermeasuring cryptographic algorithms has been proposed and implemented on FPGA. The scheme is based on using a Phase Locked Loop in the AES algorithm; by disturbing the power consumption pattern and the execution time of different rounds, the resistance of the algorithm against power attacks is increased. Masking and hiding techniques have been used to protect the encryption key. Overall, the proposed method has been simulated on a TSMC 65nm technology platform and outstanding success has been obtained: in applying the technique to AES, the overhead was 13% in CMOS area and 15% in power consumption, with a 2% decrease in working frequency, while finding the key became difficult for attackers. In addition, the proposed method has been implemented on FPGA and satisfactory results have been obtained for an acceptable number of samples of the power trace.

Keywords [English]

  • Advanced Encryption Standard (AES)
  • Differential Power Analysis (DPA)
  • Power Analysis (PA)
  • power measurement
  • Field Programmable Gate Array (FPGA)