Title :
A side-channel leakage free coprocessor IC in 0.18μm CMOS for embedded AES-based cryptographic and biometric processing
Author :
Tiri, K. ; Hwang, D. ; Hodjat, A. ; Lai, E. ; Yang, S. ; Schaumont, P. ; Verbauwhede, L.
Author_Institution :
Electr. Eng. Dept., California Univ., Los Angeles, CA, USA
Abstract :
Security ICs are vulnerable to side-channel attacks (SCAs) that find the secret key by monitoring the power consumption and other information that is leaked by the switching behavior of digital CMOS gates. This paper describes a side-channel attack resistant coprocessor IC and its design techniques. The IC has been fabricated in 0.18μm CMOS. The coprocessor, which is used for embedded cryptographic and biometric processing, consists of four components: an advanced encryption standard (AES) based cryptographic engine, a fingerprint-matching oracle, template storage, and an interface unit. Two functionally identical coprocessors have been fabricated on the same die. The first, 'secure', coprocessor is implemented using a logic style called wave dynamic digital logic (WDDL) and a layout technique called differential routing. The second, 'insecure', coprocessor is implemented using regular standard cells and regular routing techniques. Measurement-based experimental results show that a differential power analysis (DPA) attack on the insecure coprocessor requires only 8,000 acquisitions to disclose the entire 128b secret key. The same attack on the secure coprocessor still does not disclose the entire secret key at 1,500,000 acquisitions. This improvement in DPA resistance of at least 2 orders of magnitude makes the attack de facto infeasible. The required number of measurements is larger than the lifetime of the secret key in most practical systems.
Keywords :
CMOS digital integrated circuits; biometrics (access control); code standards; coprocessors; embedded systems; integrated circuit design; network routing; power supply circuits; public key cryptography; security of data; smart cards; 0.18 micron; SCA; WDDL; advanced encryption standard; biometric processing; coprocessor IC; cryptographic engine; cryptographic processing; differential power analysis attack; differential routing; digital CMOS gates; embedded AES; fingerprint-matching oracle; interface unit; layout technique; power consumption monitoring; secret key; security IC; side-channel attacks; side-channel leakage; smart card; switching behavior; template storage; wave dynamic digital logic; Biometrics; CMOS integrated circuits; CMOS process; Coprocessors; Cryptography; Electrical resistance measurement; Immune system; Information security; Logic; Monitoring;
Conference_Title :
Design Automation Conference, 2005. Proceedings. 42nd
Print_ISBN :
1-59593-058-2
DOI :
10.1109/DAC.2005.193805