Side-channel countermeasures utilizing dynamic logic reconfiguration: Protecting AES/Rijndael and Serpent encryption in hardware
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F20%3A00342053" target="_blank" >RIV/68407700:21240/20:00342053 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1016/j.micpro.2020.103208" target="_blank" >https://doi.org/10.1016/j.micpro.2020.103208</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1016/j.micpro.2020.103208" target="_blank" >10.1016/j.micpro.2020.103208</a>
Alternative languages
Result language
angličtina
Original language name
Side-channel countermeasures utilizing dynamic logic reconfiguration: Protecting AES/Rijndael and Serpent encryption in hardware
Original language description
Dynamic logic reconfiguration is a concept that allows for efficient on-the-fly modifications of combinational circuit behavior in both ASIC and FPGA devices. The reconfiguration of Boolean functions is achieved by modification of their generators (e.g., shift register-based look-up tables) and it can be controlled from within the chip, without the necessity of any external intervention. This hardware polymorphism can be utilized for the implementation of side-channel attack countermeasures, as demonstrated by Sasdrich et al. for the lightweight cipher PRESENT. In this work, we adapt these countermeasures to two of the AES finalists, namely Rijndael and Serpent. Just like PRESENT, both Rijndael and Serpent are block ciphers based on a substitution-permutation network. We describe the countermeasures and adjustments necessary to protect these ciphers using the resources available in modern Xilinx FPGAs. We describe our implementations and evaluate the side-channel leakage and effectiveness of different countermeasures combinations using a methodology based on Welch’s t-test. Furthermore, we attempt to break the protected AES/Rijndael implementation using second-order DPA/CPA attacks. We did not detect any significant first-order leakage from the fully protected versions of our implementations. Using one million power traces, we detect second-order leakage from Serpent encryption, while AES encryption second-order leakage is barely detectable. We show that the countermeasures proposed by Sasdrich et al. are, with some modifications, successfully applicable to AES and Serpent.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
20206 - Computer hardware and architecture
Result continuities
Project
—
Continuities
S - Specificky vyzkum na vysokych skolach
Others
Publication year
2020
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Microprocessors and Microsystems
ISSN
0141-9331
e-ISSN
1872-9436
Volume of the periodical
78
Issue of the periodical within the volume
říjen
Country of publishing house
NL - THE KINGDOM OF THE NETHERLANDS
Number of pages
10
Pages from-to
1-10
UT code for WoS article
000579525100003
EID of the result in the Scopus database
2-s2.0-85089077201