Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors
November-December 2007 (vol. 24 no. 6)
pp. 546-555
Sylvain Guilley, École Nationale Supérieure des Télécommunications
Florent Flament, Hewlett-Packard
Philippe Hoogvorst, Centre National de la Recherche Scientifique
Renaud Pacalet, École Nationale Supérieure des Télécommunications
Yves Mathieu, École Nationale Supérieure des Télécommunications
This article presents a comprehensive back-end design flow that enables the realization of constant-power cryptoprocessors, natively protected against side-channel attacks that exploit instantaneous power consumption. The proposed methodology is based on a fully custom, balanced cell library and an innovative place-and-route method. This article shows that it is indeed possible to implement hardware that is robust against all known power attacks. All the design steps involved in this methodology take place at the layout level. The described flow has been applied to the quasi-delay-insensitive SecLib library with a shielded routing method derived from back-end duplication, using legacy CAD tools for the back-end steps. The authors evaluate the cost of the secured methodology through an example of a multimode DES datapath.

Index Terms:
robust hardware, back-end design automation, power-constant architectures, side-channel attacks, mitigation, DFM, DFY
Citation:
Sylvain Guilley, Florent Flament, Philippe Hoogvorst, Renaud Pacalet, Yves Mathieu, "Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors," IEEE Design & Test of Computers, vol. 24, no. 6, pp. 546-555, Nov.-Dec. 2007, doi:10.1109/MDT.2007.202