Cryptology ePrint Archive: Report 2013/579

On Measurable Side-Channel Leaks inside ASIC Design Primitives

Takeshi Sugawara and Daisuke Suzuki and Minoru Saeki and Mitsuru Shiozaki and Takeshi Fujino

Abstract: Leaks inside semi-custom ASIC (Application Specific Integrated Circuit) design primitives are rigorously investigated. The study is conducted by measuring a dedicated TEG (Test Element Group) chip with a small magnetic-field probe on the chip surface. Measurement targets are standard cells and a memory macro cell. Leaks inside the primitives are focused as many of conventional countermeasures place measurability boundaries on these primitives. Firstly, it is shown that current-path leak: a leak based on input-dependent active current path within a standard cell is measurable. Major gate-level countermeasures (RSL, MDPL, and WDDL) become vulnerable if the current-path leak is considered. Secondly, it is shown that internal-gate leak: a leak based on non-linear sub-circuit within a XOR cell is measurable. It can be exploited to bias the distribution of the random mask. Thirdly, it is shown that geometric leak: a leak based on geometric layout of the memory matrix structure is measurable. It is a leak correlated to integer representation of the memory address. We also show that a ROM-based countermeasure (Dual-rail RSL memory) becomes vulnerable with the geometric leak. A general transistor-level design method to counteract the current-path and internal-gate leaks is also shown.

Category / Keywords: implementation / Side-channel attacks

Original Publication (in the same form): IACR-CHES-2013

Date: received 9 Sep 2013

Contact author: Sugawara Takeshi at bp MitsubishiElectric co jp

Available format(s): PDF | BibTeX Citation

Version: 20130914:000542 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]