Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors

Sylvain Guilley; Renaud Pacalet; Yves Mathieu; Florent Flament; Philippe Hoogvorst

doi:10.1109/MDT.2007.202

Design&Test
2007
Issue No. 6 - November-December
Abstract - Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Sylvain Guilley Articles by Florent Flament Articles by Philippe Hoogvorst Articles by Renaud Pacalet Articles by Yves Mathieu

Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors

November-December 2007 (vol. 24 no. 6)

pp. 546-555

	ASCII Text	x
	Sylvain Guilley, Florent Flament, Philippe Hoogvorst, Renaud Pacalet, Yves Mathieu, "Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors," IEEE Design & Test of Computers, vol. 24, no. 6, pp. 546-555, November-December, 2007.

	BibTex	x
	@article{ 10.1109/MDT.2007.202, author = {Sylvain Guilley and Florent Flament and Philippe Hoogvorst and Renaud Pacalet and Yves Mathieu}, title = {Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors}, journal ={IEEE Design & Test of Computers}, volume = {24}, number = {6}, issn = {0740-7475}, year = {2007}, pages = {546-555}, doi = {http://doi.ieeecomputersociety.org/10.1109/MDT.2007.202}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Design & Test of Computers TI - Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors IS - 6 SN - 0740-7475 SP546 EP555 EPD - 546-555 A1 - Sylvain Guilley, A1 - Florent Flament, A1 - Philippe Hoogvorst, A1 - Renaud Pacalet, A1 - Yves Mathieu, PY - 2007 KW - robust hardware KW - back-end design automation KW - power-constant architectures KW - side-channel attacks KW - mitigation KW - DFM KW - DFY VL - 24 JA - IEEE Design & Test of Computers ER -

Sylvain Guilley, École Nationale Supérieure des Télécommunications

Florent Flament, Hewlett-Packard

Philippe Hoogvorst, Centre National de la Recherche Scientifique

Renaud Pacalet, École Nationale Supérieure des Télécommunications

Yves Mathieu, École Nationale Supérieure des Télécommunications

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MDT.2007.202

This article presents a comprehensive back-end design flow that enables the realization of constant-power cryptoprocessors, natively protected against side-channel attacks exploiting the instant power consumption. The proposed methodology is based on a fully custom-balanced cell library and an innovative place-and-route method. This article shows that it is indeed possible to implement hardware that is robust against all known power attacks. All the design steps involved in this methodology take place at the layout level. The described flow has been applied to the quasi-delay-insensitive SecLib library with a shielded routing method derived from back-end duplication, using legacy CAD tools for the back-end steps. The authors evaluate the cost of the secured methodology through an example of a multimode DES datapath.

1. D. Suzuki and M. Saeki, "Security Evaluation of DPA Countermeasures Using Dual-Rail Pre-charge Logic Style," Proc. 8th Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES 06), LNCS 4249, Springer, 2006, pp. 255-269.
2. L. Fesquet, J. Quartana, and M. Renaudin, "Asynchronous Systems on Programmable Logic," Proc. Int'l Workshop Reconfigurable Communication-Centric SoCs, Univ. of Montpelier II, 2005, pp. 105-112.
3. S. Moore et al., "Balanced Self-Checking Asynchronous Logic for Smart Card Applications," J. Microprocessors and Microsystems, vol. 27, no. 9, Oct. 2003, pp. 421-430.
4. D. Sokolov, J. Murphy, and A. Bystrov, "Improving the Security of Dual-Rail Circuits," Proc. 6th Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES 04), LNCS 3256, Springer, 2004, pp. 282-297.
5. A. Bystrov and J.P. Murphy, On-line IDDQ Testing of Security Circuits, tech. report NCL-EECE-MSD-TR-2004, School of Electrical, Electronic and Computer Engineering, Univ. of Newcastle upon Tyne, 2004.
6. S. Guilley et al., "CMOS Structures Suitable for Secured Hardware," Proc. Design, Automation and Test in Europe Conf. (DATE 04), IEEE CS Press, vol. 2, 2004, pp. 1414-1415.
7. M. Shams, J.C. Ebergen, and M.I. Elmasry, "Modeling and Comparing CMOS Implementations of the C-Element," IEEE Trans. VLSI Systems, vol. 6, no. 4, Dec. 1998, pp. 563-567.
8. S. Guilley et al., "The 'Backend Duplication' Method," Proc. 7th Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES 05), LNCS 3659, Springer, 2005, pp. 383-397.
9. S. Guilley, P. Hoogvorst, and R. Pacalet, "A Fast Pipelined Multi-Mode DES Architecture Operating in IP Representation," Integration, The VLSI J., vol. 40, no. 4, July 2007, pp. 479-489.
10. K. Tiri and I. Verbauwhede, "A VLSI Design Flow for Secure Side-Channel Attack Resistant ICs," Proc. Design, Automation and Test in Europe Conf. (DATE 06), IEEE CS Press, 2005, pp. 58-63.
11. D.D. Hwang et al., "AES-Based Security Coprocessor IC in 0.18-µm CMOS with Resistance to Differential Power Analysis Side-Channel Attacks," IEEE J. Solid-State Circuits, vol. 41, no. 4, Apr. 2006, pp. 781-792.
12. K. Tiri and I. Verbauwhede, "A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation," Proc. Design, Automation and Test in Europe Conf. (DATE 04), IEEE CS Press, vol. 1, 2004, pp. 246-251.
1. P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis: Leaking Secrets," Proc. 19th Ann. Int'l Conf. Cryptology (Crypto 99), LNCS 1666, Springer, 1999, pp. 388-397.
2. L. Goubin and J. Patarin, "DES and Differential Power Analysis (The 'Duplication' Method)," Proc. 1st Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES 99), LNCS 1717, Springer, 1999, pp. 158-172.
3. M. Akkar and C. Giraud, "An Implementation of DES and AES Secure against Some Attacks," Proc. 3rd Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES 01), LNCS 2162, Springer, 2001, pp. 309-318.
4. S. Mangard, T. Popp, and B.M. Gammel, "Side-Channel Leakage of Masked CMOS Gates," Proc. Topics in Cryptology—CT-RSA, the Cryptographers' Track at the RSA Conf. 2005, LNCS 3376, Springer, 2005, pp. 351-365.
5. K. Tiri, M. Akmal, and I. Verbauwhede, "A Dynamic and Differential CMOS Logic with Signal Independent Power Consumption to Withstand Differential Power Analysis on Smart Cards," Proc. 28th European Solid-State Circuits Conf. (ESSCIRC 02), IEEE Press, 2002, pp. 403-406.
6. K. Tiri and I. Verbauwhede, "A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation," Proc. Design, Automation and Test in Europe Conf. (DATE 04), IEEE CS Press, vol. 1, 2004, pp. 246-251.
7. S. Guilley et al., "CMOS Structures Suitable for Secured Hardware," Proc. Design, Automation and Test in Europe Conf. (DATE 04), IEEE CS Press, vol. 2, 2004, pp. 1414-1415.
8. G.F. Bouesse et al., "DPA on Quasi Delay Insensitive Asynchronous Circuits: Formalization and Improvement," Proc. Design, Automation and Test in Europe Conf, (DATE 05), IEEE CS Press, vol. 1, 2005, pp. 424-429.
9. A. Razafindraibe et al., "A Method to Design Compact Dual-Rail Asynchronous Primitives," Integrated Circuit and System Design, Proc. 15th Int'l Workshop Power and Timing Modeling, Optimization and Simulation (PATMOS 05), LNCS 3728, Springer, 2005, pp. 571-580.
10. D. Suzuki, M. Saeki, and T. Ichikawa, "Random Switching Logic: A Countermeasure against DPA Based on Transition Probability," Cryptology ePrint Archive, Report 2004/346,3 Dec. 2004, http://eprint.iacr.org/2004346.
11. T. Popp and S. Mangard, "Masked Dual-Rail Pre-Charge Logic: DPA-Resistance without Routing Constraints," Proc. 7th Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES 05), LNCS 3659, Springer, 2005, pp. 172-186.
12. K. Tiri and P. Schaumont, "Changing the Odds against Masked Logic," Proc. 13th Ann. Workshop Selected Areas in Cryptography (SAC 06), Springer, 2006, http://rijndael.ece.vt.edu/schaum/papers 2006sac.pdf.

Index Terms:

robust hardware, back-end design automation, power-constant architectures, side-channel attacks, mitigation, DFM, DFY

Citation:

Sylvain Guilley, Florent Flament, Philippe Hoogvorst, Renaud Pacalet, Yves Mathieu, "Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors," IEEE Design & Test of Computers, vol. 24, no. 6, pp. 546-555, Nov.-Dec. 2007, doi:10.1109/MDT.2007.202

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.