Review of gate-level differential power analysis and fault analysis countermeasures

Hardware implementation of modern crypto devices paves the way for a special type of cryptanalysis, which is known as side channel analysis (SCA) attacks. These attacks are designed to extract critical information from the physical leakage of the digital circuitry such as the power consumption and electromagnetic emissions. Differential power analysis (DPA) attacks are considered the most efficient form of SCA attacks that require special types of countermeasures. Another form of attacks, known as fault analysis (FA), is based on forcing the circuit to produce faulty results in order to extract useful information about the secret. Several countermeasures have been proposed in the literature to address and mitigate SCA attacks at different levels of abstraction. They include algorithmic, gate and transistor-level countermeasures. Leakage originates at every level according to the implemented crypto system and attack methodology. Countermeasures at gate level and transistor level are more generic than those at the algorithmic level as they tend to be specialised for certain implementations. Complication of the design process increases down to the basic abstraction layers, however, gate-level countermeasures provide the balance of generality and design complication. The major state-of-the-art gate-level countermeasures against DPA and FA attacks are reviewed here.