CryptoDB

Paper: Your Rails Cannot Hide from Localized EM: How Dual-Rail Logic Fails on FPGAs

Authors: Vincent Immler Robert Specht Florian Unterstein DOI: 10.1007/978-3-319-66787-4_20 Search ePrint Search Google CHES 2017 Protecting cryptographic implementations against side-channel attacks is a must to prevent leakage of processed secrets. As a cell-level countermeasure, so called DPA-resistant logic styles have been proposed to prevent a data-dependent power consumption.As most of the DPA-resistant logic is based on dual-rails, properly implementing them is a challenging task on FPGAs which is due to their fixed architecture and missing freedom in the design tools.While previous works show a significant security gain when using such logic on FPGAs, we demonstrate this only holds for power-analysis. In contrast, our attack using high-resolution electromagnetic analysis is able to exploit local characteristics of the placement and routing such that only a marginal security gain remains, therefore creating a severe threat.To further analyze the properties of both attack and implementation, we develop a custom placer to improve the default placement of the analyzed AES S-box. Different cost functions for the placement are tested and evaluated w.r.t. the resulting side-channel resistance on a Spartan-6 FPGA. As a result, we are able to more than double the resistance of the design compared to cases not benefiting from the custom placement.
BibTeX
@inproceedings{ches-2017-28928,
title={Your Rails Cannot Hide from Localized EM: How Dual-Rail Logic Fails on FPGAs},
booktitle={Cryptographic Hardware and Embedded Systems – CHES 2017},
series={Lecture Notes in Computer Science},
publisher={Springer},
volume={10529},
pages={403-424},
doi={10.1007/978-3-319-66787-4_20},
author={Vincent Immler and Robert Specht and Florian Unterstein},
year=2017
}