Algorithmically Balanced Circuit to Mitigate Power and Fault Injection Based Side Channel Analysis Attacks

Access & Terms of Use
open access
Copyright: Jayasinghe, Jayasinghe A. D. Nayanajith
Abstract
Cryptographic algorithms, such as the Advanced Encryption Standard (AES), are responsible for keeping confidential and critical data secure by using a secret key to access that data. Today, due to the integration of digital technology into all disciplines, personal, government, financial, and military information is stored using cryptographic algorithms to prevent unauthorised access. When cryptographic algorithms are executed on either circuit-based or software-based implementations, the secret key can be deduced from non-computational emanated information, such as power dissipation, elapsed time, electromagnetic radiation, faulty ciphertext, and cache content (referred to as side channels). Such attacks are referred to as side-channel attacks. Most devices armed with cryptographic algorithms use modes of operation to remove data dependencies. In this dissertation, first, the resistance of the modes of operation of AES is tested against power-based side-channel analysis attacks. The minimal number of power traces needed to break each mode is calculated with a 99.99% confidence interval. This analysis is the first comprehensive analytical study of power-based side-channel analysis resistance and the comparison of the levels of resistance offered by the differing modes of AES.
In order to mitigate power-based side-channel attacks, countermeasures must be deployed. Balancing bit flips, where the data and the complement of the data are processed simultaneously to cancel out (balance) the data-dependent power dissipation, has been shown to be an excellent solution against power analysis attacks. A novel algorithmic circuit balancing technique, QuadSeal, which balances both static power and dynamic power, is proposed as the main contribution of this thesis. QuadSeal uses four algorithmically modified circuits. The mathematical proof of the QuadSeal countermeasure is presented, and AES is balanced as an example with a random input swapping methodology to resist variability effects. Having a 6.5x area overhead and 4x power overhead, QuadSeal-AES is the smallest complete balancing countermeasure against power-based side-channel analysis attacks. Unlike all the circuitry balancing countermeasures proposed in the literature, QuadSeal can turn off additional circuitry to save power or perform parallel encryptions to increase throughput when security is not essential.
Only a few countermeasures offer protection against multiple side-channel leakages. The QuadSeal countermeasure was tested against fault injection attacks. First, a mathematical proof of the fault injection attack resistance of QuadSeal is presented, and it is proven that QuadSeal offers protection against fault injection attacks, but not detection. Therefore, a dual-mode circuit (referred to as the C-FIA circuit), which can detect and correct fault injections, is proposed to hone the resistance against fault injection attacks. The only possible way to break the security of the C-FIA circuit is by injecting identical faults into all four circuits, which has not been possible thus far.
A pre-charge stage is essential in all previously proposed balancing countermeasures: during the pre-charge stage, the registers and logic are initialised to '0' to achieve a constant number of bit transitions. An extension of QuadSeal, the NORA balancing methodology, in which the pre-charge stage is not needed, is proposed as the last contribution of the thesis. The mathematical proof of NORA is presented for a general register, and then two AES implementations (using distributed Random Access Memory (RAM) and block RAM) are proposed. The security of NORA is tested against 600,000 encryptions using both multi-bit and mono-bit attack models. The information leakage is also presented. NORA is the only balancing countermeasure which does not need a pre-charge stage to maintain constant power dissipation.
Author(s)
Jayasinghe, Jayasinghe A. D. Nayanajith
Supervisor(s)
Parameswaran, Sridevan
Ignjatovic, Aleksandar
Publication Year
2017
Resource Type
Thesis
Degree Type
PhD Doctorate
UNSW Faculty