Cryptology ePrint Archive: Report 2016/1135

Static Power Side-Channel Analysis of a Threshold Implementation Prototype Chip

Thorben Moos and Amir Moradi and Bastian Richter

Abstract: The static power consumption of modern CMOS devices has become a substantial concern in the context of the side-channel security of cryptographic hardware. The continuous growth of the leakage power dissipation in nanometer-scaled CMOS technologies is not only inconvenient for effective low-power designs, but also creates a new target for power analysis adversaries. In this paper, we present the first experimental results of a static power side-channel analysis targeting an ASIC implementation of a provably first-order secure hardware masking scheme. The investigated 150 nm CMOS prototype chip realizes the PRESENT-80 lightweight block cipher as a threshold implementation and allows us to draw a comparison between the information leakage through its dynamic and static power consumption. By employing a sophisticated measurement setup dedicated to static power analysis, including a very low-noise DC amplifier as well as a climate chamber, we are able to recover the key of our target implementation with significantly fewer traces compared to the corresponding dynamic power analysis attack. In particular, for a successful third-order attack exploiting the static currents, fewer than 200 thousand traces are needed, whereas the same attack in the dynamic power domain requires around 5 million measurements. Furthermore, we are able to show that only-first-order resistant approaches like the investigated threshold implementation do not significantly increase the complexity of a static power analysis. Therefore, we firmly believe that this side channel can actually become the target of choice for real-world adversaries against masking countermeasures implemented in advanced CMOS technologies.

Category / Keywords: implementation / side-channel analysis, masking

Original Publication (in the same form): DATE 2017

Date: received 5 Dec 2016

Contact author: amir moradi at rub de

Version: 20161208:170102

Short URL: ia.cr/2016/1135
