Side-channel attack resistant AES cryptographic circuits with ROM reducing address-dependent EM leaks

Side-channel attacks reveal the secret key of a cryptographic circuit by measuring power consumption or electromagnetic radiation during cryptographic operations. Side-channel information leaks that are exploited by power analysis (PA) and electromagnetic analysis (EMA) attacks are thought to be caused by consumption current. However, our research group recently found novel geometric leaks that only EMA attacks can target successfully. This paper studies the causes of memory-dependent EM geometric leaks. We find that the current flow from bit-lines to the ground through the activated ROM cell causes the geometric leaks. We propose a new ROM structure to reduce geometric leak, and use the new ROM to design an AES cryptographic circuit that is resistant to side-channel attacks. Our experiments confirm that the new ROM greatly reduces geometric leak and reveals no key data during PA or EMA attacks.