Title :
Design space extension for secure implementation of block ciphers
Author :
Agosta, Giovanni ; Barenghi, Alessandro ; Maggi, Massimo ; Pelosi, Gianni
Author_Institution :
Dept. of Electron., Inf. & Bioeng. - DEIB, Politec. di Milano, Milan, Italy
Abstract :
Security has been identified as a critical dimension in the design of embedded systems for almost a decade. A well-recognised threat against the security of embedded systems is represented by side-channel attacks (SCAs), which mandate the application of specially tailored countermeasures. These countermeasures are significantly demanding in terms of computational effort, and have traditionally been applied by hand. The recent introduction of a methodology to gauge the security margins provided by software cipher implementations allows the automated application of countermeasures to be integrated into platform-based system-level design methodologies. The authors introduce into the design space of block cipher implementations a new metric concerning resistance against SCAs, provide a systematic method for selecting the most appropriate cipher given the security and performance trade-offs, and point out the performance requirements for the random number generator. Moreover, they discuss the implications of the design space extension on system runtime adaptivity. The experimental evaluation demonstrates that no single cipher optimally covers a range of convenient operating points, and that ciphers such as Serpent, which are considered slow in unprotected implementations, can outperform primitives such as the Advanced Encryption Standard when implementations with equal security guarantees against SCAs are considered.
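Added illustration (editor's example, not code from the paper and not a reproduction of its measurements): a first-order Boolean-masked S-box lookup, the countermeasure whose cost model underlies two claims in the abstract. Each mask refresh draws fresh random bits (which is why the random number generator's throughput becomes a performance requirement) and recomputes a 2^n-entry table (which is why the masked cost scales with S-box width, so a cipher with 4-bit S-boxes such as Serpent can pay far less per refresh than one with 8-bit S-boxes such as AES). The S-box here is a constructed affine permutation standing in for an n-bit table, the refresh-every-k-lookups policy and the bits-per-second estimate are the editor's assumptions, and nothing below should be read as the authors' actual figures.

```python
"""First-order Boolean masking of an n-bit S-box lookup (editor's illustration)."""
import secrets


def toy_sbox(width):
    """Constructed toy S-box: an affine permutation of {0 .. 2^width - 1}.

    It is NOT the AES or Serpent S-box; it only stands in for an n-bit
    lookup table of the right size (167 is odd, so the map is a bijection).
    """
    size = 1 << width
    return [(167 * x + 13) % size for x in range(size)]


class MaskedSbox:
    """Masked table lookup: the caller holds x ^ m_in and receives S(x) ^ m_out.

    refresh() draws two fresh n-bit masks and recomputes the entire table,
    so every refresh costs 2n random bits and 2^n table writes.  Those two
    counters are the quantities a designer has to budget for.
    """

    def __init__(self, sbox, rng=secrets.randbelow):
        self.sbox = sbox
        self.width = (len(sbox) - 1).bit_length()
        self.rng = rng                 # assumed to return a uniform int in [0, n)
        self.random_bits_used = 0
        self.table_writes = 0
        self.refresh()

    def refresh(self):
        size = 1 << self.width
        self.m_in = self.rng(size)
        self.m_out = self.rng(size)
        self.random_bits_used += 2 * self.width
        # S'(v) = S(v ^ m_in) ^ m_out for every possible masked input v
        self.table = [self.sbox[v ^ self.m_in] ^ self.m_out for v in range(size)]
        self.table_writes += size

    def lookup(self, x_masked):
        """Input share x ^ m_in -> output share S(x) ^ m_out; no unmasked value is touched."""
        return self.table[x_masked]


def masked_substitute(sbox, values, refresh_every, rng=secrets.randbelow):
    """Apply the masked S-box to a list of n-bit values, refreshing masks every
    `refresh_every` lookups.  Returns (outputs, random_bits_used, table_writes).

    Masking the plain value and unmasking the result here is only so the
    demo can be checked; a real implementation keeps the cipher state in
    shares from the start and never forms the unmasked value.
    """
    ms = MaskedSbox(sbox, rng)
    out = []
    for i, x in enumerate(values):
        if i and i % refresh_every == 0:
            ms.refresh()
        y_masked = ms.lookup(x ^ ms.m_in)
        out.append(y_masked ^ ms.m_out)
    return out, ms.random_bits_used, ms.table_writes


def rng_bits_per_second(blocks_per_second, lookups_per_block, refresh_every, width):
    """Fresh-randomness demand of the masking policy above (assumed cost model):
    each refresh needs 2*width bits, and a block needs ceil(lookups/refresh_every)
    refreshes.  This is the figure to compare against the RNG's sustained rate."""
    refreshes_per_block = -(-lookups_per_block // refresh_every)
    return blocks_per_second * refreshes_per_block * 2 * width


if __name__ == "__main__":
    # Compare an 8-bit and a 4-bit S-box layer over 16 lookups, refreshing every 4.
    for width in (8, 4):
        out, bits, writes = masked_substitute(toy_sbox(width), list(range(16)), 4)
        assert out == [toy_sbox(width)[x] for x in range(16)]
        print(f"{width}-bit S-box: {bits} random bits, {writes} table writes")
    print("RNG bits/s at 1000 blocks/s, 160 lookups/block, refresh every 16 (8-bit):",
          rng_bits_per_second(1000, 160, 16, 8))
```

The asymmetry is the point: with the same refresh policy, the 4-bit table costs 16 writes per refresh against 256 for the 8-bit one, while the randomness drawn per refresh halves. Which cipher wins at a given security level therefore depends on the masking cost, not on unprotected throughput, which is the trade-off the authors' design-space metric is meant to capture.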
Keywords :
cryptography; embedded systems; SCAs; Serpent; advanced encryption standard; block ciphers; countermeasure automated application; design space extension; embedded systems; performance trade-offs; platform-based system-level design methodology; random number generator; security margins; side-channel attacks; software cipher; system runtime adaptivity; systematic method;
Journal_Title :
Computers & Digital Techniques, IET
DOI :
10.1049/iet-cdt.2014.0037