Abstract
The physical attack countermeasures for reconfigurable cryptographic processors are mainly achieved in two ways. One way is to implement all the universal countermeasures to the reconfigurable architecture. Another way is to develop new countermeasures by using the characteristics of the reconfigurable computing. Traditional universal countermeasures do not take full advantage of the characteristics of reconfigurable computing and result in significant performance, area, and power overhead. In addition, new threatening attack methods such as the local electromagnetic attack with the attack precision of gate level, multiple fault attack which can introduce more than one fault in a single execution, and attacks based on ultra-low frequency (kHz level for instance) acoustic or electromagnetic signal continue to emerge. Various existing traditional countermeasures cannot be used to effectively resist these attacks. Compared with the direct application of traditional countermeasures, countermeasures designed based on the characteristics of reconfigurable cryptographic architecture can effectively reduce the performance, area, and power overhead caused by security improvement through resource reuse. What is more, the new countermeasures are expected to resist novel attack methods that have not been effectively overcome. On the one hand, the dynamic and partial reconfiguration feature can be fully exploited to develop countermeasures based on time and spatial randomization. When each execution of the cryptographic algorithm is performed at a different time and circuit region in the array, various precision attacks will not take effect. It just like that when an attacker wants to attack the backdoor of the cryptographic implementation, the randomization method keeps the position of the backdoor changing rapidly, making it difficult for the attacker to attack even when he or she has the key to the backdoor. On the other hand, we can make full use of the structural advantages of reconfigurable processors and fully combine the countermeasure design with the reconfigurable architecture, thus maximizing the advantages of reconfigurable computing. The rich array computing units and interconnection resources on the reconfigurable cryptographic processors can be used to resist physical attacks. With the resource reuse, the consumption caused by countermeasures can be significantly reduced. For example, a physically unclonable function (PUF) can be constructed based on array computing units, and lightweight authentication or security keys can be generated after the basic encryption/decryption operations are performed. The rich interconnection resources on the array can also be fully developed to resist attacks. When various topology attributes of interconnection network changed slightly and randomness was introduced, physical attack countermeasures can be implemented besides the normal data transmission.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Courbon F, Loubet Moundi P, Fournier JJ A et al (2014) Adjusting laser injections for fully controlled faults. In: International workshop on constructive side channel analysis and secure design, pp 229–242
Roscian C, Sarafianos A, Dutertre JM et al (2013) Fault model analysis of laser-induced faults in SRAM memory cells. In: IEEE workshop on fault diagnosis and tolerance in cryptography, pp 89–98
Woudenberg JGJV, Witteman MF, Menarini F (2011) Practical optical fault injection on secure microcontrollers. In: The workshop on fault diagnosis and tolerance in cryptography, pp 91–99
Moro N, Dehbaoui A, Heydemann K et al (2013) Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller. In: IEEE workshop on fault diagnosis and tolerance in cryptography (FDTC), pp 77–88
Beroulle V, Candelier P, Castro SD et al (2014) Laser-induced fault effects in security dedicated circuits. In: IFIP/IEEE international conference on very large scale integration-system on a chip, pp 220–240
Bossuet L, Grand M, Gaspar L et al (2013) Architectures of flexible symmetric key crypto engines: a survey: from hardware coprocessor to multicryptoprocessor system on chip. ACM Comput Surv 45(4):1–32
Wang B, Liu L, Deng C et al (2016) Against double fault attacks: injection effort model, space and time randomization based countermeasures for reconfigurable array architecture. IEEE Trans Inf Forensics Secur 11(6):11511164
Kocher PC (2016) Differential power analysis resistant cryptographic processing. U.S. Patent application 15/236, 739.2016-8-15
Agrawal DRJRR (2003) Multi-channel attacks. In: International workshop on cryptographic hardware and embedded systems-CHES, pp 2–16
Sugawara T, Suzuki D, Saeki M et al (2013) On measurable side-channel leaks inside ASIC design primitives. In: International workshop on cryptographic hardware and embedded systems, pp 159–178
Hutter M, Mangard S, Feldhofer M (2012) Power and EM attacks on passive 13.56Â MHz 13.56 MHz RFID devices. Lect Notes Comput Sci 4727:320333
J175212_201609 (1996) Measurement of radiated emissions from integrated circuits-surface scan method (loop probe method) 10 MHz to 3 GHz. SAE International
Heyszl J, Mangard S, Heinz B et al (2012) Localized electromagnetic analysis of cryptographic implementations. In: Cryptographers’ track at the RSA conference, pp 231–244
Brier E, Clavier C, Olivier F (2004) Correlation power analysis with a leakage model. In: International workshop on cryptographic hardware and embedded systems, pp 16–29
Yoo HS, Herbst C, Mangard S et al (2007) Investigations of power analysis attacks and countermeasures for ARIA. Inf Secur Appl 160–172
Standaert FX, Malkin TG, Yung M (2006) A formal practice-oriented model for the analysis of side-channel attacks. IACR E-Print Archive 134:2
Shan W, Shi L, Fu X et al (2014) A side-channel analysis resistant reconfigurable cryptographic coprocessor supporting multiple block cipher algorithms. In: Design automation conference, pp 1–6
Herder C, Yu MD, Koushanfar F et al (2014) Physical unclonable functions and applications: a tutorial. Proc IEEE 102(8):11261141
Maes R (2013) Physically unclonable functions: constructions, properties and applications. Springer, Dordrecht
Gassend, Blaise, Clarke et al (2002) Silicon physical random functions. In: Proceedings of the 9th ACM conference on computer and communications security, pp 148–160
Suh GE, Devadas S (2007) Physical unclonable functions for device authentication and secret key generation. In: Design automation conference, pp 9–14
Maiti A, Schaumont P (2011) Improved ring oscillator PUF: an FPGA-friendly secure primitive. Springer, New York, pp 375–397
Lee JW, Lim D, Gassend B et al (2004) A technique to build a secret key in integrated circuits for identification and authentication applications. In: Symposium on VLSI circuits, 2004. Digest of technical papers, pp 176–179
Becker GT (2015) The gap between promise and reality: on the insecurity of XOR Arbiter PUFs. Springer, Berlin, pp 535–555
Guajardo J, Kumar SS, Schrijen GJ et al (2007) FPGA intrinsic PUFs and their use for IPl protection. In: International workshop on cryptographic hardware and embedded systems, pp 63–80
Su Y, Holleman J, Otis B (2007) A 1.6 pJ/bit 96% stable chip-ID generating circuit using process variations. In: IEEE international solid-state circuits conference, pp 406–611
Maes R, Tuyls P, Verbauwhede I (2008) Intrinsic PUFs from flip-flops on reconfigurable devices. In: The 3rd Benelux workshop on information and system security
Kumar SS, Guajardo J, Maes R et al (2008) The butterfly PUF protecting IP on every FPGA. In: IEEE international workshop on hardware-oriented security and trust, pp 67–70
Simons P, Sluis EVD, Leest VVD (2012) Buskeeper PUFs, a promising alternative to D flip-flop PUFs. In: IEEE international symposium on hardware-oriented security and trust, pp 7–12
Leest VVD (2012) Comparative analysis of SRAM memories used as PUF primitives. In: Conference on design, automation and test in Europe, pp 1319–1324
Nedospasov D, Seifert JP, Helfmeier C et al (2013) Invasive PUF analysis. In: The workshop on fault diagnosis and tolerance in cryptography, pp 30–38
Kong J, Koushanfar F, Pendyala PK et al (2014) PUFatt: embedded platform attestation based on novel processor-based PUFs. In: Design automation conference, pp 1–6
Cline B, Chopra K, Blaauw D et al (2006) Analysis and modeling of CD variation for statistical static timing. In: IEEE/ACM international conference on computer-aided design, pp 60–66
Kruskal CP, Snir M (1986) A unified theory of interconnection network structure. Theoret Comput Sci 48:7594
Bossuet L, Grand M, Gaspar L et al (2013) Architectures of flexible symmetric key crypto engines-a survey: from hardware coprocessor to multi-crypto-processor system on chip. ACM Comput Surv (CSUR) 45(4):41
Horowitz E, Sahni S (1978) Fundamentals of computer algorithms. Computer Science Press, New York
Wu C, Feng T (1980) On a class of multistage interconnection networks. IEEE Trans Comput 100(8):694702
Lee RB, Shi Z, Yang X (2001) Efficient permutation instructions for fast software cryptography. IEEE Micro 21(6):5669
Damgard I, Ishai Y, Krøigaard M (2010) Perfectly secure multiparty computation and the computational overhead of cryptography. In: Annual international conference on the theory and applications of cryptographic techniques, pp 445–465
Beneš VE (1964) Optimal rearrangeable multistage connecting networks. Bell Syst Tech J 43(4):16411656
Portz M (1991) On the use of interconnection networks in cryptography. In: Workshop on the theory and application of cryptographic techniques, pp 302–315
Wang B, Liu L, Deng C et al (2017) Exploration of Benes network in cryptographic processors: a random infection countermeasure for block ciphers against fault attacks. IEEE Trans Inf Forensics Secur 12(2):309322
Lomné V, Roche T, Thillard A (2012) On the need of randomness in fault attack countermeasures-application to AES. In: IEEE workshop on fault diagnosis and tolerance in cryptography (FDTC), pp 85–94
Agoyan M, Bouquet S, Fournier J et al (2011) Design and characterisation of an AES chip embedding countermeasures. Int J Intell Eng Inf 1(3–4):328–347
Joye M, Manet P, Rigaud J (2007) Strengthening hardware AES implementations against fault attacks. IET Inf Secur 1(3):106
Gierlichs B, Schmidt J, Tunstall M (2012) Infective computation and dummy rounds: fault protection for block ciphers without check-before-output. In: International conference on cryptology and information security in Latin America, pp 305–321
Tupsamudre H, Bisht S, Mukhopadhyay D (2014) Destroying fault invariant with randomization. Springer, New York
Battistello A, Giraud C (2013) Fault analysis of infective AES computations. In: IEEE workshop on fault diagnosis and tolerance in cryptography (FDTC), pp 101–107
Mathew SK, Srinivasan S, Anders MA et al (2012) 2.4 Gbps, 7 mW all-digital PVT-variation tolerant true random number generator for 45 nm CMOS high-performance microprocessors. IEEE J Solid-State Circuits 47(11):2807–2821
Leveugle R, Maistri P, Vanhauwaert P et al (2014) Laser-induced fault effects in security-dedicated circuits. In: The 22nd international conference on very large scale integration (VLSI-SoC), pp 1–6
Piret G, Quisquater J (2003) A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In: International workshop on cryptographic hardware and embedded systems, pp 77–88
Tunstall M, Mukhopadhyay D, Ali S (2011) Differential fault analysis of the advanced encryption standard using a single fault. In: IFIP international workshop on information security theory and practices, pp 224–233
Ali SS, Mukhopadhyay D, Tunstall M (2013) Differential fault analysis of AES: towards reaching its limits. J Cryptogr Eng 3(2):7397
Ghosh S, Saha D, Sengupta A et al (2015) Preventing fault attacks using fault randomization with a case study on AES. In: Australasian conference on information security and privacy, pp 343–355
Patranabis S, Chakraborty A, Mukhopadhyay D (2015) Fault tolerant infective countermeasure for AES. In: International conference on security, privacy, and applied cryptography engineering, pp 190–209
Reingold O (1998) Pseudo-random synthesizers, functions and permutations. The Weizmann Institute of Science doctor dissertation, Rehovot
Blömer J, Guajardo J, Krummel V (2004) Provably secure masking of AES. In: International workshop on selected areas in cryptography, pp 69–83
Oswald E, Mangard S, Pramstaller N et al (2005) A side-channel analysis resistant description of the AES S-Box. In: International workshop on fast software encryption, pp 413–423
Patranabis S, Chakraborty A, Nguyen PH et al (2015) A biased fault attack on the time redundancy countermeasure for AES. In: International workshop on constructive side-channel analysis and secure design, pp 189–203
Patranabis S, Chakraborty A, Mukhopadhyay D et al (2015) Using state space encoding to counter biased fault attacks on AES countermeasures. IACR Cryptology ePrint Archive 2015:806
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd. and Science Press, Beijing
About this chapter
Cite this chapter
Liu, L., Wang, B., Wei, S. (2018). Physical Attack Countermeasures for Reconfigurable Cryptographic Processors. In: Reconfigurable Cryptographic Processor. Springer, Singapore. https://doi.org/10.1007/978-981-10-8899-5_6
Download citation
DOI: https://doi.org/10.1007/978-981-10-8899-5_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8898-8
Online ISBN: 978-981-10-8899-5
eBook Packages: EngineeringEngineering (R0)