TY - JOUR
T1 - Diffusional Side-Channel Leakage from Unrolled Lightweight Block Ciphers
T2 - A Case Study of Power Analysis on PRINCE
AU - Yli-Mayry, Ville
AU - Ueno, Rei
AU - Miura, Noriyuki
AU - Nagata, Makoto
AU - Bhasin, Shivam
AU - Mathieu, Yves
AU - Graba, Tarik
AU - Danger, Jean Luc
AU - Homma, Naofumi
N1 - Funding Information:
Manuscript received June 2, 2020; revised September 9, 2020; accepted October 3, 2020. Date of publication October 23, 2020; date of current version December 1, 2020. This work was supported in part by the Japan Science and Technology Agency (JST) Core Research for Evolutional Science and Technology (CREST) under Grant JPMJCR19K5, Japan, and in part by the Japan Society for the Promotion of Science (JSPS) KAKENHI under Grant 17H00729 and Grant 19K24336. The associate editor coordinating the review of this manuscript and approving it for publication was Prof. Ulrich Rührmair. (Corresponding author: Ville Yli-Mäyry.) Ville Yli-Mäyry, Rei Ueno, and Naofumi Homma are with the Research Institute of Electrical Communication, Tohoku University, Sendai 980-8577, Japan, and also with the JST CREST, Tokyo 102-0076, Japan (e-mail: ville@riec.tohoku.ac.jp).
Publisher Copyright:
© 2005-2012 IEEE.
PY - 2021
Y1 - 2021
N2 - This study investigates a new side-channel leakage observed in the inner rounds of an unrolled hardware implementation of block ciphers in a chosen-input attack scenario. The side-channel leakage occurs in the first round and it can be observed in the later inner rounds because it arises from path activation bias caused by the difference between two consecutive inputs. Therefore, a new attack that exploits the leakage is possible even for unrolled implementations equipped with countermeasures (masking and/or deglitchers that separate the circuit in terms of glitch propagation) in the round involving the leakage. We validate the existence of such a unique side-channel leakage through a set of experiments with a fully unrolled PRINCE cipher hardware, implemented on a field-programmable gate array (FPGA). In addition, we verify the validity and evaluate the hardware cost of a countermeasure for the unrolled implementation, namely the Threshold Implementation (TI) countermeasure.
AB - This study investigates a new side-channel leakage observed in the inner rounds of an unrolled hardware implementation of block ciphers in a chosen-input attack scenario. The side-channel leakage occurs in the first round and it can be observed in the later inner rounds because it arises from path activation bias caused by the difference between two consecutive inputs. Therefore, a new attack that exploits the leakage is possible even for unrolled implementations equipped with countermeasures (masking and/or deglitchers that separate the circuit in terms of glitch propagation) in the round involving the leakage. We validate the existence of such a unique side-channel leakage through a set of experiments with a fully unrolled PRINCE cipher hardware, implemented on a field-programmable gate array (FPGA). In addition, we verify the validity and evaluate the hardware cost of a countermeasure for the unrolled implementation, namely the Threshold Implementation (TI) countermeasure.
KW - countermeasures
KW - Low-latency block ciphers
KW - PRINCE
KW - side-channel attacks
KW - unrolled implementation
UR - http://www.scopus.com/inward/record.url?scp=85097795534&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85097795534&partnerID=8YFLogxK
U2 - 10.1109/TIFS.2020.3033441
DO - 10.1109/TIFS.2020.3033441
M3 - Article
AN - SCOPUS:85097795534
SN - 1556-6013
VL - 16
SP - 1351
EP - 1364
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
M1 - 9238027
ER -