Litcius/Paper detail

27.3 EM and Power SCA-Resilient AES-256 in 65nm CMOS Through >350× Current-Domain Signature Attenuation

Debayan Das, Josef Danial, Anupam Golder, Nirmoy Modak, Shovan Maity, Baibhab Chatterjee, Dong‐Hyun Seo, Muya Chang, Avinash L. Varna, Harish K. Krishnamurthy, Sanu Mathew, Santosh Ghosh, Arijit Raychowdhury, Shreyas Sen

202040 citationsDOI

Abstract

Computationally-secure cryptographic algorithms when implemented on physical platforms leak critical physical signals correlated with the secret key in the form of power consumption and electromagnetic (EM) emanations. This can be exploited by an adversary, leading to side-channel attacks (SCA) that can recover the secret key. Circuit-level on-chip countermeasures include a switched-capacitor current equalizer [1], charge-recovery logic [2], an integrated voltage regulator (IVR) [3], and an all-digital low-dropout (LDO) regulator [4], which suffer from performance degradation, high power/area overheads because of large embedded passives, as well as EM leakage from large metal-insulator-metal (MIM) capacitor top plates. Alternatively, simulations of shunt LDO-based regulators have been shown to be effective for power SCA resistance [5]. Noting that the correlated current is the source of both power (at supply pin) and EM leakage (radiation throughout current path), this work embraces current-domain `signature attenuation' (CDSA) as a low-overhead generic countermeasure against both EM and power side-channel attacks to achieve the highest minimum traces to disclosure (MTD reported to date.

Topics & Concepts

Computer scienceElectrical engineeringCMOSElectronic engineeringCapacitorAttenuationPower analysisEmbedded systemVoltageCryptographyEngineeringPhysicsComputer securityOpticsCryptographic Implementations and SecurityPhysical Unclonable Functions (PUFs) and Hardware SecuritySecurity and Verification in Computing