DocumentCode
1906066
Title
Towards an AES crypto-chip resistant to differential power analysis
Author
Pramstaller, N. ; Gurkaynak, Frank K. ; Haene, S. ; Kaeslin, H. ; Felber, N. ; Fichtner, W.
Author_Institution
Inst. for Appl. Inf. Process. & Commun., Technische Univ. Graz, Austria
fYear
2004
fDate
21-23 Sept. 2004
Firstpage
307
Lastpage
310
Abstract
Differential power analysis (DPA) implies measuring the supply current of a cipher-circuit in an attempt to uncover part of a cipher-key. Cryptographic security gets compromised if the current waveforms so obtained correlate with those from a hypothetical power model of the circuit. Such correlations can be minimized by masking datapath operations with random bits in a reversible way. We analyze such countermeasures and discuss how they perform and how well they lend themselves to being incorporated into dedicated hardware implementations of the advanced encryption standard (AES) block cipher. Our favorite masking scheme entails a performance penalty of some 40-50%. We also present a VLSI design that can serve for practical experiments with DPA.
Keywords
VLSI; block codes; correlation methods; cryptography; data privacy; AES block cipher; AES crypto-chip; ASIC implementation; DPA; VLSI; cipher-circuit supply current measurement; cipher-key; circuit power model; correlation methods; cryptographic security; datapath operations masking; differential power analysis resistance; hardware implementation; masking countermeasures; performance penalty; reversible random bits masking; Application specific integrated circuits; CMOS technology; Clocks; Cryptography; Energy consumption; Hardware; Information analysis; Power measurement; Switches; Very large scale integration;
fLanguage
English
Publisher
ieee
Conference_Titel
Solid-State Circuits Conference, 2004. ESSCIRC 2004. Proceeding of the 30th European
Print_ISBN
0-7803-8480-6
Type
conf
DOI
10.1109/ESSCIR.2004.1356679
Filename
1356679