TY - JOUR
T1 - A Silicon-Level Countermeasure Against Fault Sensitivity Analysis and Its Evaluation
AU - Endo, Sho
AU - Li, Yang
AU - Homma, Naofumi
AU - Sakiyama, Kazuo
AU - Ohta, Kazuo
AU - Fujimoto, Daisuke
AU - Nagata, Makoto
AU - Katashita, Toshihiro
AU - Danger, Jean Luc
AU - Aoki, Takafumi
N1 - Publisher Copyright:
© 2014 IEEE.
Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.
PY - 2015/8/1
Y1 - 2015/8/1
N2 - In this paper, we present an efficient countermeasure against fault sensitivity analysis (FSA) based on configurable delay blocks (CDBs). FSA is a new type of fault attack, which exploits the relationship between fault sensitivity (FS) and secret information. Previous studies reported that it could break cryptographic modules equipped with conventional countermeasures against differential fault analysis (DFA), such as redundancy calculation, masked and-or, and wave dynamic differential logic. The proposed countermeasure can thwart both DFA and FSA attacks based on setup time violation faults. The proposed ideas are to use a CDB as a time base for detection and to combine the technique with Li's countermeasure concept that removes the dependency between FSs and secret data. The postmanufacture configuration of the CDBs allows minimization of the overhead in operating frequency that comes from manufacture variability. In this paper, we also present an implementation of the proposed countermeasure in application-specified integrated circuit, and describe its configuration method. We then investigate the hardware overhead of the proposed countermeasure for an advanced encryption standard processor and demonstrate its validity through an experiment.
AB - In this paper, we present an efficient countermeasure against fault sensitivity analysis (FSA) based on configurable delay blocks (CDBs). FSA is a new type of fault attack, which exploits the relationship between fault sensitivity (FS) and secret information. Previous studies reported that it could break cryptographic modules equipped with conventional countermeasures against differential fault analysis (DFA), such as redundancy calculation, masked and-or, and wave dynamic differential logic. The proposed countermeasure can thwart both DFA and FSA attacks based on setup time violation faults. The proposed ideas are to use a CDB as a time base for detection and to combine the technique with Li's countermeasure concept that removes the dependency between FSs and secret data. The postmanufacture configuration of the CDBs allows minimization of the overhead in operating frequency that comes from manufacture variability. In this paper, we also present an implementation of the proposed countermeasure in application-specified integrated circuit, and describe its configuration method. We then investigate the hardware overhead of the proposed countermeasure for an advanced encryption standard processor and demonstrate its validity through an experiment.
KW - Advanced encryption standard (AES)
KW - application-specified integrated circuit (ASIC) implementation
KW - fault sensitivity analysis (FSA)
KW - side-channel analysis
UR - http://www.scopus.com/inward/record.url?scp=85028218523&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85028218523&partnerID=8YFLogxK
U2 - 10.1109/TVLSI.2014.2339892
DO - 10.1109/TVLSI.2014.2339892
M3 - Article
AN - SCOPUS:85028218523
VL - 23
SP - 1429
EP - 1438
JO - IEEE Transactions on Very Large Scale Integration (VLSI) Systems
JF - IEEE Transactions on Very Large Scale Integration (VLSI) Systems
SN - 1063-8210
IS - 8
M1 - 6872596
ER -