Publication


Featured research published by Naofumi Homma.


IEEE Transactions on Very Large Scale Integration Systems | 2011

Systematic Design of RSA Processors Based on High-Radix Montgomery Multipliers

Atsushi Miyamoto; Naofumi Homma; Takafumi Aoki; Akashi Satoh

This paper presents a systematic design approach to provide optimized Rivest-Shamir-Adleman (RSA) processors based on high-radix Montgomery multipliers satisfying various user requirements, such as circuit area, operating time, and resistance against side-channel attacks. In order to explore the tradeoff between performance and resistance, we apply four types of exponentiation algorithms: two variants of the binary method with/without the Chinese Remainder Theorem (CRT). We also introduce three multiplier-based datapath architectures using different intermediate data forms: 1) single form, 2) semi carry-save form, and 3) carry-save form, and combine them with a wide variety of arithmetic components. Their radices are parameterized from 2^8 to 2^128. A total of 242 datapaths for 1024-bit RSA processors were obtained for each radix. The potential of the proposed approach is demonstrated through an experimental synthesis of all possible processors with a 90-nm CMOS standard cell library. As a result, designs ranging from the smallest design of 861 gates with 118.47 ms/RSA to the fastest design of 0.67 ms/RSA at 153,862 gates were obtained. In addition, the use of the CRT technique reduced the RSA operation time of the fastest design to 0.24 ms. Even when we employed the exponentiation algorithm resistant to typical side-channel attacks, the fastest design can perform the RSA operation in less than 1.0 ms.


Cryptographic Hardware and Embedded Systems | 2008

High-Performance Concurrent Error Detection Scheme for AES Hardware

Akashi Satoh; Takeshi Sugawara; Naofumi Homma; Takafumi Aoki

This paper proposes an efficient concurrent error detection scheme for hardware implementation of the block cipher AES. The proposed scheme does not require an additional arithmetic unit, but simply divides the round function block into two sub-blocks and uses the sub-blocks alternately for encryption (or decryption) and error detection. The number of clock cycles is doubled, but the maximum operating frequency is increased owing to the shortened critical path of the sub-block. Therefore, the proposed scheme has a limited impact on hardware performance with respect to size and speed. AES hardware with the proposed scheme was designed and synthesized using a 90-nm CMOS standard cell library with size and speed optimization options. The compact and high-speed implementations achieved performances of 2.21 Gbps @ 16.1 Kgates and 3.21 Gbps @ 24.1 Kgates, respectively. In contrast, the performances of AES hardware without error detection were 1.66 Gbps @ 12.9 Kgates for the compact version and 4.22 Gbps @ 30.7 Kgates for the high-speed version. There is only a slight difference between the performances with and without error detection. The performance overhead caused by the error detection is evaluated at the optimal balance between size and speed and was estimated to be 14.5% at maximum. Conversely, the AES hardware with the proposed scheme had better performance in some cases. If pipeline operation is allowed, as in the CTR mode, throughputs can easily be boosted by further dividing the sub-blocks. Although the proposed error detection scheme was applied to AES in the present study, it can also be applied to other algorithms efficiently.


Cryptographic Hardware and Embedded Systems | 2008

Collision-Based Power Analysis of Modular Exponentiation Using Chosen-Message Pairs

Naofumi Homma; Atsushi Miyamoto; Takafumi Aoki; Akashi Satoh; Adi Shamir

This paper proposes new chosen-message power-analysis attacks against public-key cryptosystems based on modular exponentiation, which use specific input pairs to generate collisions between squaring operations at different locations in the two power traces. Unlike previous attacks of this kind, the new attacks can be applied to all the standard implementations of the exponentiation process: binary (left-to-right and right-to-left), m-ary, and sliding window methods. The SPA countermeasure of inserting dummy multiplications can also be defeated (in some cases) by using the proposed attacks. The effectiveness of the attacks is demonstrated by actual experiments with hardware and software implementations of RSA on an FPGA and the PowerPC processor, respectively. In addition to the new collision generation methods, a high-accuracy waveform matching technique is introduced to detect the collisions even when the recorded signals are noisy and the clock has some jitter.


Cryptographic Hardware and Embedded Systems | 2006

High-resolution side-channel attack using phase-based waveform matching

Naofumi Homma; Sei Nagashima; Yuichi Imai; Takafumi Aoki; Akashi Satoh

This paper describes high-resolution waveform matching based on a Phase-Only Correlation (POC) technique and its application to side-channel attacks. Side-channel attacks such as Simple Power Analysis (SPA) and Differential Power Analysis (DPA) use a statistical analysis of signal waveforms (e.g., power traces) to reduce noise and to retrieve secret information. However, the waveform data often includes displacement errors in the measurements. The use of phase components in the discrete Fourier transforms of the waveforms makes it possible to estimate the displacements between the signal waveforms with higher resolution than the sampling resolution. The accuracy of a side-channel attack can be enhanced using this high-resolution matching method. In this paper, we demonstrate the advantages of the POC-based method in comparison with conventional approaches through experimental DPA and Differential ElectroMagnetic Analysis (DEMA) against a DES software implementation on a Z80 processor.


IEEE Transactions on Very Large Scale Integration Systems | 2012

Fair and Consistent Hardware Evaluation of Fourteen Round Two SHA-3 Candidates

Miroslav Knezevic; Kazuyuki Kobayashi; Jun Ikegami; Shin'ichiro Matsuo; Akashi Satoh; Ünal Kocabaş; Junfeng Fan; Toshihiro Katashita; Takeshi Sugawara; Ingrid Verbauwhede; Naofumi Homma; Takafumi Aoki

The first contribution of our paper is that we propose a platform, a design strategy, and evaluation criteria for a fair and consistent hardware evaluation of the second-round SHA-3 candidates. Using a SASEBO-GII field-programmable gate array (FPGA) board as a common platform, combined with well defined hardware and software interfaces, we compare all 256-bit version candidates with respect to area, throughput, latency, power, and energy consumption. Our approach defines a standard testing harness for SHA-3 candidates, including the interface specification for the SHA-3 module on our testing platform. The second contribution is that we provide both FPGA and 90-nm CMOS application-specific integrated circuit (ASIC) synthesis results and thereby are able to compare the results. Our third contribution is that we release the source code of all the candidates and by using a common, fixed, publicly available platform, our claimed results become reproducible and open for a public verification.


IEEE Transactions on Evolutionary Computation | 2002

Graph-based evolutionary design of arithmetic circuits

Dingjun Chen; Takafumi Aoki; Naofumi Homma; Toshiki Terasaki; Tatsuo Higuchi

We present an efficient graph-based evolutionary optimization technique, called evolutionary graph generation (EGG), and the proposed approach is applied to the design of combinational and sequential arithmetic circuits based on parallel counter-tree architecture. The fundamental idea of EGG is to employ general circuit graphs as individuals and manipulate the circuit graphs directly using new evolutionary graph operations without encoding the graphs into other indirect representations, such as the bit strings used in genetic algorithm (GA) proposed by Holland (1992) and trees used in genetic programming (GP) proposed by Koza et al. (1997). In this paper, the EGG system is applied to the design of constant-coefficient multipliers and the design of bit-serial data-parallel adders. The results demonstrate the potential capability of EGG to solve the practical design problems for arithmetic circuits with limited knowledge of computer arithmetic algorithms. The proposed EGG system can help to simplify and speed up the process of designing arithmetic circuits and can produce better solutions to the given problem.


IEEE Transactions on Electromagnetic Compatibility | 2013

Analysis of Electromagnetic Information Leakage From Cryptographic Devices With Different Physical Structures

Yu-ichi Hayashi; Naofumi Homma; Takaaki Mizuki; Takafumi Aoki; Hideaki Sone; Laurent Sauvage; Jean-Luc Danger

This paper presents a novel analysis of electromagnetic (EM) information leakage from cryptographic devices, based on electromagnetic interference (EMI) theory. In recent years, side-channel attacks using side-channel information (e.g., power consumption and EM radiation) have become a major concern for designers of cryptographic devices. However, few studies have investigated how EM information leakage changes according to a device's physical parameters. In this paper, we introduce a cryptographic device model to analyze EM information leakage based on EMI theory in a systematic manner. This device model makes it possible to accurately acquire the frequency characteristics of EM radiation depending on physical parameters, such as board size and power-line length. The analysis results show that EM information leakage can be explained by the major EMI parameters, such as board size and the length of the cable attached to the board. In addition, we demonstrate that the intensity of EM information leakage from a generic device is also explained by board size and cable length.


IEEE Transactions on Computers | 2010

Comparative Power Analysis of Modular Exponentiation Algorithms

Naofumi Homma; Atsushi Miyamoto; Takafumi Aoki; Akashi Satoh; Adi Shamir

This paper proposes new chosen-message power-analysis attacks for public-key cryptosystems based on modular exponentiation, where specific input pairs are used to generate collisions between squaring operations at different locations in the two power traces. Unlike previous attacks of this kind, the new attack can be applied to all standard implementations of the exponentiation process, namely binary (left-to-right and right-to-left), m-ary, and sliding window methods. The proposed attack can also circumvent typical countermeasures, such as the Montgomery powering ladder and the double-add algorithm. The effectiveness of the attack is demonstrated in experiments with hardware and software implementations of RSA on an FPGA and a PowerPC processor, respectively. In addition to the new collision generation methods, a highly accurate waveform matching technique is introduced for detecting the collisions even when the recorded signals are noisy and there is a certain amount of clock jitter.


European Conference on Circuit Theory and Design | 2009

Differential power analysis of AES ASIC implementations with various S-box circuits

Takeshi Sugawara; Naofumi Homma; Takafumi Aoki; Akashi Satoh

Differential Power Analysis experiments are conducted on various ASIC implementations of AES with different S-box architectures: (i) an inverter over the composite Galois field GF(((2^2)^2)^2), (ii) a table, (iii) PPRM (Positive Polarity Reed-Muller forms), and (iv) 3-stage PPRM. A dedicated ASIC is developed and its power consumption is measured on the standard evaluation board SASEBO-R. The results show that the S-box implementation has a significant impact on DPA resistance. The results are also compared with those of FPGA implementations to investigate the difference between the platforms.


International Symposium on Electromagnetic Compatibility | 2011

Non-invasive EMI-based fault injection attack against cryptographic modules

Yu-ichi Hayashi; Naofumi Homma; Takeshi Sugawara; Takaaki Mizuki; Takafumi Aoki; Hideaki Sone

In this paper, we introduce a new type of intentional electromagnetic interference (IEMI) which causes information leakage in electrical devices without disrupting their operation or damaging their physical structure. Such IEMI could pose a severe threat to a large number of electrical devices with cryptographic modules since it can be used for performing fault injection attacks, which in turn allows for obtaining faulty outputs (i.e., ciphertexts) from cryptographic modules and exploiting them to reveal information about secret keys. Such faulty outputs are usually generated by inducing faults into target modules through modification or invasion of the modules themselves. In contrast, IEMI-based fault injection can be performed on the target modules from a distance by using an off-the-shelf injection probe without leaving any hard evidence of the attack. We demonstrate fault injection attacks based on the above IEMI through experiments using an Advanced Encryption Standard (AES) module implemented on a standard evaluation board (SASEBO). The experimental results indicate that generating effective faults is feasible and, therefore, such IEMI presents a tangible threat to many existing electrical devices and systems that use cryptographic modules for secure communication and transactions.

Collaboration

Top co-authors of Naofumi Homma:

Yu-ichi Hayashi (Nara Institute of Science and Technology)
Tatsuo Higuchi (Tohoku Institute of Technology)
Akashi Satoh (University of Electro-Communications)