Naghmeh Karimi

Assistant Professor
Department of Computer Science and Electrical Engineering
University of Maryland Baltimore County (UMBC)

Impact of Aging on Power Analysis Attacks Targeting Power-Equalized Cryptographic Circuits

To tackle the vulnerability of cryptographic circuits against Power Analysis attacks, various countermeasures have been proposed in literature and adapted by industries, among which a branch of hiding schemes that equalize the power consumption of the chip regardless of the processed data have received the lion’s share of attention in the recent years. Although supposed to preserve the security of the underlying chips, the dual-rail based hiding countermeasures may not provide a long lasting security when device aging comes into account. Due to aging, the specifications of transistors, and in particular their threshold-voltage, deviate from their fabrication-time specification, leading to a change of circuit’s delay and power consumption over time. As our research [link] shows such aging-induced impacts result in imbalances in the equalized power consumption achieved by hiding countermeasures, and thus facilitate the key recovery process. The experimental results extracted through the aging simulation of the PRESENT cipher protected by Sense Amplifier Based Logic (SABL), one of the well-known hiding countermeasures, confirms the need for a long lasting security provision for cryptographic chips mainly the ones protected via dual-rail based countermeasures against power analysis attacks.


Masked SABL: a Long Lasting Side-Channel Protection Design Methodology

Sense Amplifier Based Logic (SABL) has been proposed to tackle Side-Channel Analysis (SCA) attacks and in particular power analysis attacks. This countermeasure provides a reasonable trade-off between the overhead imposed to the circuit and achieved security level. Although SABL-based circuits have been shown effective against SCA attacks, such a resistance may not be maintained over the circuits’ lifetime [link]. Even the adversary can intentionally accelerate the aging process and exploit the resulting SCA leakage to recover the embedded secret. This paper [link] feels the gap and constructs a new variant of SABL, i.e., masked SABL, by integrating gate-level masking into the SABL structures. We make use of the Masked Dual-rail Pre-charge Logic (MDPL) concept and swap the SABL dual rails based on a random mask bit in order to equally distribute the aging effect on both rails independent of processed data. This avoids the transistors associated to a certain rail of a gate to switch more than the others, hence balancing the effect of aging on both rails independent of the gate’s input, and provides a long-lasting security for the underlying SABL protected structure.



Impact of Aging on the Success of Profiling Side-Channel Attacks

Profiling side-channel attacks in which an adversary creates a “profile” of a sensitive device and uses that profile to model a target device with similar implementation has received a lot of attention in the recent years. In the template attack, one such profiling attack, the adversary first builds a model based on the leakage of a profiling device in his disposal and uses that model to attack the target device. It is known that the temperature and process variation discrepancies between the profiling and targeted device can affect the success of the template attack. This research moves one step forward and investigates the impact of device aging, mainly Bias temperature Instability (BTI) and Hot Carrier Injection (HCI) in the template attack. In particular, we show how the aging misalignments between the profiling and targeted device hinders the template attack [link]. We focus on both unprotected and Wave Dynamic Differential Logic (WDDL) protected circuitries, and via extensive transistor-level simulations show that such aging-induced attack hindering is more prominent in the WDDL circuitries compared to the unprotected counterparts when thesre is an aging mismatch between the profiling and target circuits [link].












UMBC CSEE Logo