Davide Bellizia

Implementation of the PRESENT-80 block cipher and analysis of its vulnerability to Side Channel Attacks Exploiting Static Power

In this work, the implementation of the PRESENT-80 block cipher in a 40nm CMOS technology, and its vulnerability to Side Channel Attacks Exploiting Static Power is investigated. In the last two decades, several countermeasures to thwart DPA/CPA attacks based on the exploitation of dynamic power consumption have been proposed. In particular, WDDL logic style is a gate-level countermeasure, to Power Analysis Attacks exploiting dynamic Power. It has been demonstrated that, in deep sub-micron technologies, the static power consumption is no more negligible as in the past and malicious attackers can benefit from the dependability of the static power consumption on the processed data: Leakage Power Analysis (LPA) has been proposed to recover sensible information. The possibility to recover the secret key from a protected secure implementation exploiting static power is not a minor threat, and we analyze this vulnerability with actual security metrics and with an information theoretic approach, showing that gate level countermeasures such as WDDL can be successfully attacked exploiting static power instead of dynamic power.

Template attacks exploiting static power and application to CMOS lightweight crypto‐hardware

Summary A new class of template attacks aiming at recovering the secret key of a cryptographic core from measurements of its static power consumption is presented in this paper. These attacks exploit the dependence of the static current of Complementary metal–oxide–semiconductor Integrated Circuits on the input vector and the maximum likelihood decision rule as a statistical distinguisher. In the proposed Template Attacks Exploiting Static Power (TAESP), we take advantage of the temperature dependence of static currents in order to build a new multivariate approach able to extract relevant information from cryptographic devices. As a validation case study, we consider the PRESENT-80 block cypher algorithm and its implementation on a 40 nm Complementary metal–oxide–semiconductor process. Monte Carlo and corner simulations at transistor level are used to show the effectiveness of the TAESP in the presence of die-to-die and intra-die process variations. A real attack scenario is then built by adding Gaussian noise to current samples extracted from transistor-level simulations. The univariate TAESP in which just one temperature is considered to build the templates is compared against the multivariate TAESP in which measurements at different controlled temperatures are exploited. This comparison shows that using just a few different temperatures to build multivariate templates allows to strongly increase the effectiveness of the attack. Copyright

Multivariate Analysis Exploiting Static Power on Nanoscale CMOS Circuits for Cryptographic Applications

Latest nanometer CMOS technology nodes have highlighted new issues in security of cryptographic hardware implementations. The constant growth of the static power consumption has led to a new class of side-channel attacks. Common attacks exploiting static power use an univariate approach to recover information from cryptographic engines. In our work, a multivariate approach based on information theoretic security metrics is presented. The temperature-dependence helps to exploit more information leakage from the hardware implementation. Starting from a univariate analysis, mutual information reveals that increasing the working temperature, the information leaked through the static power side channel is increased as well. In this work a multivariate analysis exploiting static power consumption is presented in which the temperature-domain is used to extract more information. The use of information theoretic approach allows to precisely quantify the amount of information that can be leaked from a cryptographic hardware implementation. The perceived information shows taking advantage of the use of more than one temperature, the security level can be decreased. The improvement achieved using the presented approach is demonstrated on a 40 nm CMOS implementation of the Present 80 crypto core.

Design of Low-Voltage High-Speed CML D-Latches in Nanometer CMOS Technologies

This paper presents the design of a novel low-voltage high-speed D-latch circuit suitable for nanometer CMOS technologies. The proposed topology is compared against the low-voltage triple-tail D-latch and its advantages are demonstrated both by simulations, under different performance/power consumption tradeoffs with a 40-nm CMOS technology, and theoretically, thanks to a simple model of the propagation delay derived for both low-voltage topologies. In order to further demonstrate the advantages of the proposed topology, it has also been used to design a D flip-flop (DFF), where thanks to the feature to need just 1 clock differential pair; a further speed improvement is achieved over the conventional triple-tail topology. Indeed, by comparing a two-stage frequency divider designed using both the triple-tail DFF and the proposed folded DFF, a 54% improvement in the maximum operating frequency is found when using the proposed folded DFF.

On-chip analog current equalizer as a countermeasure against side-channel attacks in CMOS nanometer technology

The possibility of recovering sensible information through the observation of dynamic power consumption of a cryptographic device is a critical issue in security applications. As it has been widely demonstrated in the literature, it is possible to reveal the secret keys of a cryptographic device exploiting the information leaked by the implementation through the power side channel. An on-chip, analog, current mode, power consumption equalizer is proposed in this work to overcome the possibility of a successful CPA/DPA attack. The proposed current equalizer circuit allows reducing the variability in the current drawn by a cryptographic CMOS circuit at each clock cycle. This approach allows to avoid full custom logic styles and/or balanced differential routing and can be directly applied to cryptographic devices implemented in standard CMOS logic.

Novel measurements setup for attacks exploiting static power using DC pico-ammeter

The static power consumption in modern integrated circuits has become a critical standpoint in side-channel analysis. As it has been widely demonstrated in the technical literature, it is possible to extract secret information from a cryptographic circuit by means of static current measurements. Static and dynamic power analysis require different measurement procedures, due to physical reasons. In this work, we present a novel measurement setup, which aims to overcome several issues in measuring static currents, such as extremely low SNR and temperature dependency, providing a low-cost solution to carry out Attacks Exploiting Static Power (AESP). The proposed measurement setup is based on a DC pico-ammeter, which allows to acquire DC currents after a long integration time, and on a thermal feedback loop exploiting a commercial Peltier cell to set and control the working temperature of the cryptographic processor. To verify the effectiveness of the proposed setup, AESP have been successfully implemented on a 4×4 bit crypto-core, extracted from a bit slice implementation of the PRESENT-80 algorithm and implemented on a 45nm Xilinx Spartan-6 FPGA.

VHDL implementation of FWL RLS algorithm

The Frisch-Waugh-Lovell (FWL) Recursive Least Squares (RLS) algorithm has been recently proposed as an RLS algorithm with lower computational cost and better numerical properties. We propose a VHDL implementation that has been successfully implemented on a Xilinx Virtex-7 FPGA. The FWL RLS algorithm has a complexity of L2 + O(L) products, instead of 1.5L2 O(L) as in conventional RLS algorithms. Because it removes all matrix operations, separating an L input vector problem into L separate scalar problems, it is stable and often faster in fixed-point arithmetic than conventional RLS. An RLS filter with L inputs is composed of L stages, and the i-th stage (1 = {1, 2, …, L}) has L+ 2-i inputs and L + l-i outputs. The implementation is based on two blocks: a scalar estimation block (EB), which is instantiated once for every layer, and L + l-i identical filtering blocks (FB). For a L-input RLS model, there are L EBs and L(L + l)/2 FBs. Adding an input involves instantiating one additional EB and L + 1 FBs. Removing one input requires the removal of the first layer. The VHDL structure is modular and can be easily adjusted for different values of L. We also present estimated hardware costs over a wide range of L values.

Fully integrable current-mode feedback suppressor as an analog countermeasure against CPA attacks in 40nm CMOS technology

Security of sensible data for ultraconstrained IoT smart devices is one of the most challenging task in modern design. The needs of CPA-resistant cryptographic devices has to deal with the demanding requirements of small area and small impact on the overall power consumption. In this work, a novel current-mode feedback suppressor as on-chip analog-level CPA countermeasure is proposed. It aims to suppress differences in power consumption due to data-dependency of CMOS cryptographic devices, in order to counteract CPA attacks. The novel countermeasure is able to improve MTD of unprotected CMOS implementation of at least three orders of magnitude, providing a ×1.1 area and ×1.7 power overhead.