Design and characterisation of an AES chip embedding countermeasures

Authors:
Jacques Fournier;Jean-Baptiste Rigaud;Sylvain Bouquet;Bruno Robisson;Assia Tria;Jean-Max Dutertre;Michel Agoyan
Affiliations:
CEA-LETI Minatec, CMPGC, 880 Route de Mimet, 13541 Gardanne, France.;Ecole Nationale Supérieure des Mines de Saint Etienne, CMPGC, 880 Route de Mimet, 13541 Gardanne, France;CEA-LETI Minatec, CMPGC, 880 Route de Mimet, 13541 Gardanne, France.;CEA-LETI Minatec, CMPGC, 880 Route de Mimet, 13541 Gardanne, France.;CEA-LETI Minatec, CMPGC, 880 Route de Mimet, 13541 Gardanne, France.;Ecole Nationale Supérieure des Mines de Saint Etienne, CMPGC, 880 Route de Mimet, 13541 Gardanne, France.;CEA-LETI Minatec, CMPGC, 880 Route de Mimet, 13541 Gardanne, France.
Venue:
International Journal of Intelligent Engineering Informatics
Year:
2011

Citing 26
Cited 1

Elliptic curves in cryptography

Elliptic curves in cryptography
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis

IEEE Transactions on Computers
A Practical Implementation of the Timing Attack

CARDIS '98 Proceedings of the The International Conference on Smart Card Research and Applications
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards

E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Differential Fault Analysis of Secret Key Cryptosystems

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Low Cost Attacks on Tamper Resistant Devices

Proceedings of the 5th International Workshop on Security Protocols
A Parity Code Based Fault Detection for an Implementation of the Advanced Encryption Standard

DFT '02 Proceedings of the 17th IEEE International Symposium on Defect and Fault-Tolerance in VLSI Systems
Smartly Analyzing the Simplicity and the Power of Simple Power Analysis on Smartcards

CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
An Implementation of DES and AES, Secure against Some Attacks

CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Electromagnetic Analysis: Concrete Results

CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Optical Fault Induction Attacks

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Robust Protection against Fault-Injection Attacks on Smart Cards Implementing the Advanced Encryption Standard

DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Evaluating the robustness of secure triple track logic through prototyping

Proceedings of the 21st annual symposium on Integrated circuits and system design
Differential Behavioral Analysis

CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Mutual Information Analysis

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Evaluation of Power Constant Dual-Rail Logics Countermeasures against DPA with Design Time Security Metrics

IEEE Transactions on Computers
Implementing virtual secure circuit using a custom-instruction approach

CASES '10 Proceedings of the 2010 international conference on Compilers, architectures and synthesis for embedded systems
How to flip a bit?

IOLTS '10 Proceedings of the 2010 IEEE 16th International On-Line Testing Symposium
Automated design of cryptographic devices resistant to multiple side-channel attacks

CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
A comparative cost/security analysis of fault attack countermeasures

FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
DFA on AES

AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
The “backend duplication” method

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
When clocks fail: on critical paths and clock faults

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application

Virus in a smart card: Myth or reality?

Journal of Information Security and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

In critical communication infrastructures, hardware accelerators are often used to speed up cryptographic calculations. Their resistance to physical attacks determines how secure the overall infrastructure is. In this paper, we describe the implementation and characterisation of an AES accelerator embedding security features against physical attacks. This AES chip is implemented in HCMOS9gp 130 nm STM technology. The countermeasure is based on duplication and works on complemented values in parallel. The chip was tested against side channel attacks showing the efficiency of the proposed countermeasure against such attacks. Fault injection tests based on the use of local laser shoots showed that the fault detection mechanism did indeed react as expected. However, using clock set-up time violations, 80% of the secret key were retrieved in less than 40 hours, thus illustrating the limits of the duplication countermeasure against a global fault attack which was published after the chip was designed.