Abstract
Implementing a cryptographic circuit poses challenges not always acknowledged in the backing mathematical theory. One of them is the vulnerability against side-channel attacks . A side-channel attack is a procedure that uses information leaked by the circuit through, for example, its own power consumption or electromagnetic emissions, to derive sensitive data (e.g, the secret key used for encryption). Nowadays, we design circuitry to keep this sensitive information from leaking (i.e., a countermeasure ), but the path from specification down to implementation is far from being fully automatic. As we know, manual refinement steps can be error prone and the sheer potential of these errors can be devastating in a scenario such as the one we are dealing with. In this article, we investigate whether a single embedded domain specific language (EDSL) can, at the same time, help us in specifying and enforcing the functionality of the circuit as well as its protection against side-channel attacks. The EDSL is a fundamental block of an original design flow (named Countermeasure Against Side-Channel Attacks, i.e., CASCA) whose aim is to complement an existing industrial scenario and to provide the necessary guarantee that a secure primitive is not vulnerable up to a first-order attack. As a practical case study, we will show how we applied the proposed tools to ensure both functional and extra-functional correctness of a composite-field Advanced Encryption Standard (AES) S-Box. To ensure the reproducibility of this research, this article is accompanied by an open source release of the EDSL 1 that contains the presented S-Box implementation and an additional 3-Shares threshold implementation of the Keccak χ function [7].
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: ACM Transactions on Design Automation of Electronic Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.