Paper 2017/608
Your Rails Cannot Hide From Localized EM: How Dual-Rail Logic Fails on FPGAs
Vincent Immler, Robert Specht, and Florian Unterstein
Abstract
Protecting cryptographic implementations against side-channel attacks is a must to prevent leakage of processed secrets. As a cell-level countermeasure, so-called DPA-resistant logic styles have been proposed to prevent data-dependent power consumption. As most DPA-resistant logic is based on dual rails, implementing it properly on FPGAs is a challenging task because of their fixed architecture and the missing freedom in the design tools. While previous works show a significant security gain when using such logic on FPGAs, we demonstrate that this only holds for power analysis. In contrast, our attack using high-resolution electromagnetic analysis is able to exploit local characteristics of the placement and routing such that only a marginal security gain remains, therefore creating a severe threat. To further analyze the properties of both attack and implementation, we develop a custom placer to improve the default placement of the analyzed AES S-box. Different cost functions for the placement are tested and evaluated w.r.t. the resulting side-channel resistance on a Spartan-6 FPGA. As a result, we are able to more than double the resistance of the design compared to cases not benefiting from the custom placement.
Metadata
- Publication info
- Published by the IACR in CHES 2017
- Keywords
- Side-Channel Analysis, Dual-Rail, Localized EM, Placement, Routing
- Contact author(s)
- vincent immler @ aisec fraunhofer de
- History
- 2017-06-26: received
- Short URL
- https://ia.cr/2017/608
- License
- CC BY
BibTeX
@misc{cryptoeprint:2017/608,
      author = {Vincent Immler and Robert Specht and Florian Unterstein},
      title = {Your Rails Cannot Hide From Localized {EM}: How Dual-Rail Logic Fails on {FPGAs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/608},
      year = {2017},
      url = {https://eprint.iacr.org/2017/608}
}