A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation
Proceedings of the conference on Design, automation and test in Europe - Volume 1
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Changing the odds against masked logic
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Towards security limits in side-channel attacks
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Dual-rail random switching logic: a countermeasure to reduce side channel leakage
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Security evaluation of DPA countermeasures using dual-rail pre-charge logic style
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Side-channel leakage of masked CMOS gates
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Masked dual-rail pre-charge logic: DPA-resistance without routing constraints
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
DPA leakage models for CMOS logic circuits
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
A Practical DPA Countermeasure with BDD Architecture
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Practical Attacks on Masked Hardware
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Fault Analysis Attack against an AES Prototype Chip Using RSL
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
A Design Methodology for a DPA-Resistant Cryptographic LSI with RSL Techniques
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Power analysis of single-rail storage elements as used in MDPL
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Lightweight cryptography and DPA countermeasures: a survey
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Exploiting dual-output programmable blocks to balance secure dual-rail logics
International Journal of Reconfigurable Computing - Special issue on selected papers from ReconFig 2009 International conference on reconfigurable computing and FPGAs (ReconFig 2009)
Intra-masking dual-rail memory on LUT implementation for tamper-resistant AES on FPGA
Proceedings of the ACM/SIGDA international symposium on Field Programmable Gate Arrays
Security evaluation of a DPA-Resistant s-box based on the fourier transform
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Implementation and evaluation of an SCA-resistant embedded processor
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
LRCG: latch-based random clock-gating for preventing power analysis side-channel attacks
Proceedings of the eighth IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
POWER-MODES: POWer-EmulatoR- and MOdel-Based DEpendability and Security Evaluations
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Masked dual-rail precharge logic encounters state-of-the-art power analysis methods
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
A low-entropy first-degree secure provable masking scheme for resource-constrained devices
Proceedings of the Workshop on Embedded Systems Security
| Hi-index | 0.00 |
Masked logic styles use a random mask bit to de-correlate the power consumption of the circuit from the state of the algorithm. The effect of the random mask bit is that the circuit switches between two complementary states with a different power profile. Earlier work has shown that the mask-bit value can be estimated from the power consumption profile, and that masked logic remains susceptible to classic power attacks after only a simple filtering operation. In this contribution we will show that this conclusion also holds for masked pre-charged logic styles and for all practical implementations of masked dual-rail logic styles. Up to now, it was believed that masking and dual-rail can be combined to provide a routing-insensitive logic style. We will show that this assumption is not correct. We demonstrate that the routing imbalances can be used to detect the value of the mask bit. Simulations as well as analysis of design data from an AES chip support this conclusion.