CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation
Proceedings of the conference on Design, automation and test in Europe - Volume 1
Dynamic differential self-timed logic families for robust and low-power security ICs
Integration, the VLSI Journal
Evaluation of the Masked Logic Style MDPL on a Prototype Chip
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Information Theoretic Evaluation of Side-Channel Resistant Logic Styles
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Transactions on Computational Science IV
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
How to Compare Profiled Side-Channel Attacks?
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Analysis and mitigation of process variation impacts on Power-Attack Tolerance
Proceedings of the 46th Annual Design Automation Conference
A formal study of power variability issues and side-channel attacks for nanoscale devices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Generic side-channel distinguishers: improvements and limitations
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Templates vs. stochastic methods
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
A systematic evaluation of compact hardware implementations for the rijndael s-box
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
A design methodology for secured ICs using dynamic current mode logic
PATMOS'05 Proceedings of the 15th international conference on Integrated Circuit and System Design: power and Timing Modeling, Optimization and Simulation
A stochastic model for differential side channel cryptanalysis
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Masked dual-rail pre-charge logic: DPA-resistance without routing constraints
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Unified and optimized linear collision attacks and their application in a non-profiled setting
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
In a recent work from Eurocrypt 2011, Renauld et al. discussed the impact of the increased variability in nanoscale CMOS devices on their evaluation against side-channel attacks. In this paper, we complement this work by analyzing an implementation of the AES S-box, in the DDSLL dual-rail logic style, using the same 65-nanometer technology. For this purpose, we first compare the performance results of the static CMOS and dual-rail S-boxes. We show that full custom design allows to nicely mitigate the performance drawbacks that are usually reported for dual-rail circuits. Next, we evaluate the side-channel leakages of these S-boxes, using both simulations and actual measurements. We take advantage of state-of-the-art evaluation tools, and discuss the quantity and nature (e.g. linearity) of the physical information they provide. Our results show that the security improvement of the DDSLL S-box is typically in the range of one order of magnitude (in terms of "number of traces to recover the key"). They also confirm the importance of a profiled information theoretic analysis for the worst-case security evaluation of leaking devices. They finally raise the important question whether dual-rail logic styles remain a promising approach for reducing the side-channel information leakages in front of technology scaling, as hardware constraints such as balanced routing may become increasingly challenging to fulfill, as circuit sizes tend towards the nanometer scale.