Bo-Cheng Lai

Prototype IC with WDDL and differential routing – DPA resistance assessment

Wave dynamic differential logic combined with differential routing is a working, practical technique to thwart side-channel power attacks. Measurement-based experimental results show that a differential power analysis attack on a prototype IC, fabricated in 0.18μm CMOS, does not disclose the entire secret key of the AES algorithm at 1,500,000 measurement acquisitions. This makes the attack de facto infeasible. The required number of measurements is larger than the lifetime of the secret key in most practical systems.

AES-Based Security Coprocessor IC in 0.18-

Security ICs are vulnerable to side-channel attacks (SCAs) that find the secret key by monitoring the power consumption or other information that is leaked by the switching behavior of digital CMOS gates. This paper describes a side-channel attack resistant coprocessor IC fabricated in 0.18-

muhbox m

muhbox m

CMOS With Resistance to Differential Power Analysis Side-Channel Attacks

CMOS consisting of an Advanced Encryption Standard (AES) based cryptographic engine, a fingerprint-matching engine, template storage, and an interface unit. Two functionally identical coprocessors have been fabricated on the same die. The first coprocessor was implemented using standard cells and regular routing techniques. The second coprocessor was implemented using a logic style called wave dynamic differential logic (WDDL) and a layout technique called differential routing to combat the differential power analysis (DPA) side-channel attack. Measurement-based experimental results show that a DPA attack on the insecure coprocessor requires only 8000 encryptions to disclose the entire 128-bit secret key. The same attack on the secure coprocessor does not disclose the entire secret key even after 1 500 000 encryptions.

Advanced RF/baseband interconnect schemes for inter- and intra-ULSI communications

Future inter- and intra-ULSI interconnect systems demand extremely high data rates (up to 100 Gbps/pin or 20-Tbps aggregate) as well as bidirectional multiI/O concurrent service, re-configurable computing/processing architecture, and total compatibility with mainstream silicon system-on-chip and system-in-package technologies. In this paper, we review recent advances in interconnect schemes that promise to meet all of the above system requirements. Unlike traditional wired interconnects based solely on time-division multiple access for data transmission, these new interconnect schemes facilitate the use of additional multiple access techniques including code-division multiple access and frequency-division multiple access to greatly increase bandwidth and channel concurrency as well as to reduce channel latency. The physical transmission line is no longer limited to a direct-coupled metal wire. Rather, it can be accomplished via either wired or wireless mediums through capacitor couplers that reduce the baseband noise and dc power consumption while simplifying the fabrication process by eliminating vertical metal studs needed in three-dimensional ICs. These new advances in interconnect schemes would fundamentally alter the paradigm of ULSI data communications and enable the design of next-generation computing/processing systems.

A 3.84 gbits/s AES crypto coprocessor with modes of operation in a 0.18-μm CMOS technology

In this paper an AES crypto coprocessor that is fabricated using a 0.18-μm CMOS technology is presented. This crypto coprocessor performs the AES-128 encryption in both feedback and non-feedback modes of operation. A maximum throughput of 3.84 Gbits/s is achieved at a 330 MHz clock frequency for ECB, OFB, and CBC modes of operation. This crypto coprocessor can be programmed using the memory-mapped interface of an embedded CPU core and is tested using a LEON 32-bit (SPARC V8) processor in the ThumbPod secure system-on-chip.

AES-based cryptographic and biometric security coprocessor IC in 0.18-/spl mu/m CMOS resistant to side-channel power analysis attacks

This paper describes an embedded security coprocessor that consists of four components: an advanced encryption standard (AES) based cryptographic engine, a fingerprint matching oracle, template storage, and an interface unit. Two functionally-identical coprocessors are fabricated using a TSMC 6M 0.18-/spl mu/m process. The first coprocessor uses standard cells and encrypts at 3.84 Gb/s. The second coprocessor uses wave dynamic differential logic (WDDL) combined with differential routing to combat side-channel information leakage through power analysis attacks. It encrypts at 0.99 Gb/s. The coprocessor is part of a security-partitioned embedded system called ThumbPod.

A Cost-Effective Latency-Aware Memory Bus for Symmetric Multiprocessor Systems

This paper presents how a multi-core system can benefit from the use of a latency-aware memory bus capable of dual-concurrent data transfers on a single wire line: Source synchronous CDMA interconnect (SSCDMA-I) has been adopted to implement the memory bus of a shared-memory multi-core system. Two types of bus-based homogeneous and heterogeneous multi-core systems are modeled and simulated by a cycle-accurate simulation platform. Unlike the conventional time-division multiplexing (TDM) bus-based multi-core system that shows degradation in performance as the number of processing cores increases, the proposed SSCDMA bus-based multi-core shows higher performance up to 23.1% for 4 cores. The maximum latency of a heterogeneous multi-core system with a mix of traffic loads has been reduced up to 78%. These results demonstrate that the performance of multi-core systems can be improved with less cost and network complexity by reducing the bus contention interferences and by supporting higher concurrency in memory accesses that brings shorter critical word access latency.

Design flow for HW/SW acceleration transparency in the thumbpod secure embedded system

This paper describes a case study and design flow of a secure embedded system called thumbpod, which uses cryptographic and biometric signal processing acceleration. It presents the concept of HW/SW acceleration transparency, a systematic method to accelerate Java functions in both software and hardware. An example of acceleration transparency for a Rijndael encryption function is presented. Acceleration transparency yields software and hardware performance gains of 333/spl times/.

Testing ThumbPod: Softcore bugs are hard to find

We present the debug and test strategies used in the ThumbPod system for Embedded Fingerprint Authentication. ThumbPod uses multiple levels of programming (Java, C and hardware) with a hierarchy of programmable architectures (KVM on top of a SPARC core on top of an FPGA). The ThumbPod project teamed up seven graduate students in the concurrent development and verification of all these programming layers. We pay special attention to the strengths and weaknesses of our bottom-up testing approach.