Paper 2017/608

Your Rails Cannot Hide From Localized EM: How Dual-Rail Logic Fails on FPGAs

Vincent Immler, Robert Specht, and Florian Unterstein


Protecting cryptographic implementations against side-channel attacks is a must to prevent leakage of processed secrets. As a cell-level countermeasure, so called DPA-resistant logic styles have been proposed to prevent a data-dependent power consumption. As most of the DPA-resistant logic is based on dual-rails, properly implementing them is a challenging task on FPGAs which is due to their fixed architecture and missing freedom in the design tools. While previous works show a significant security gain when using such logic on FPGAs, we demonstrate this only holds for power-analysis. In contrast, our attack using high-resolution electromagnetic analysis is able to exploit local characteristics of the placement and routing such that only a marginal security gain remains, therefore creating a severe threat. To further analyze the properties of both attack and implementation, we develop a custom placer to improve the default placement of the analyzed AES S-box. Different cost functions for the placement are tested and evaluated w.r.t. the resulting side-channel resistance on a Spartan-6 FPGA. As a result, we are able to more than double the resistance of the design compared to cases not benefiting from the custom placement.

Available format(s)
Publication info
Published by the IACR in CHES 2017
Side-Channel AnalysisDual-RailLocalized EMPlacementRouting
Contact author(s)
vincent immler @ aisec fraunhofer de
2017-06-26: received
Short URL
Creative Commons Attribution


      author = {Vincent Immler and Robert Specht and Florian Unterstein},
      title = {Your Rails Cannot Hide From Localized EM: How Dual-Rail Logic Fails on FPGAs},
      howpublished = {Cryptology ePrint Archive, Paper 2017/608},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.