High Speed ASIC Implementations of Leakage-Resilient Cryptography

Robert Schilling, Thomas Unterluggauer, Stefan Mangard, Frank K. Gürkaynak, Michael Mühlberghuber, Luca Benini

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Research; peer-review

Abstract

Embedded devices in the Internet of Things require encryption functionalities to secure their communication. However, side-channel attacks, and in particular differential power analysis (DPA) attacks, pose a serious threat to cryptographic implementations. While state-of-the-art countermeasures like masking slow down the performance and can only prevent DPA up to a certain order, leakage-resilient schemes are designed to stay secure even in the presence of side-channel leakage. Although several leakage-resilient schemes have been proposed, there are no hardware implementations to demonstrate their practicality and performance on measurable silicon. In this work, we present an ASIC implementation of a multi-core System-on-Chip extended with a software-programmable accelerator for leakage-resilient cryptography. The accelerator is deeply embedded in the shared memory architecture of the many-core system, supports different configurations, contains a high-throughput implementation of the 2PRG primitive based on AES-128, offers two side-channel-protected rekeying functions, and is the first fabricated design of the side-channel-secure authenticated encryption scheme ISAP. The accelerator reaches a maximum throughput of 7.49 Gbit/s and a best-case energy efficiency of 137 Gbit/s/W, making this accelerator suitable for high-speed secure IoT applications.

Original language: English
Title of host publication: Design, Automation & Test in Europe Conference - DATE 2018
Publisher: Institute of Electrical and Electronics Engineers
DOI: https://doi.org/10.23919/DATE.2018.8342208
Publication status: Published - Mar 2018

Keywords

ASIC, Cryptography, IoT, leakage-resilience, Security

    Cite this

    Schilling, R., Unterluggauer, T., Mangard, S., Gürkaynak, F. K., Mühlberghuber, M., & Benini, L. (2018). High Speed ASIC Implementations of Leakage-Resilient Cryptography. In Design, Automation & Test in Europe Conference - DATE 2018 Institute of Electrical and Electronics Engineers. https://doi.org/10.23919/DATE.2018.8342208

    @inproceedings{0d93c14918484769bdefe3f8fe8caa50,
    title = "High Speed ASIC Implementations of Leakage-Resilient Cryptography",
    keywords = "ASIC, Cryptography, IoT, leakage-resilience, Security",
    author = "Robert Schilling and Thomas Unterluggauer and Stefan Mangard and G{\"u}rkaynak, {Frank K.} and Michael M{\"u}hlberghuber and Luca Benini",
    year = "2018",
    month = "3",
    doi = "10.23919/DATE.2018.8342208",
    language = "English",
    booktitle = "Design, Automation \& Test in Europe Conference - DATE 2018",
    publisher = "Institute of Electrical and Electronics Engineers",
    address = "United States"
    }
