NORA: Algorithmic Balancing without Pre-charge to Thwart Power Analysis Attacks

Abstract

Power analysis attacks use power dissipation to find the secret key of cryptographic devices. Two of the main techniques used as the countermeasures of power analysis attacks are masking and balancing. This paper considers countermeasures with balancing only. All balancing methods proposed so far require a pre-charge (or a pre-clear) state for all registers in which the logic is initialized to logic '1' (or to logic '0') so that equal Hamming distances (HD) and Hamming weights (HW) are maintained. Pre-charging and preclearing add additional clock cycles to the encryption algorithm. In this paper, for the first time, we present an algorithmic balancing technique (referred to as NORA: No Pre-charge) which does not require the pre-charge/pre-clear stage. The proposed balancing technique is explained as a generalized block cipher balancing technique and an Advanced Encryption Standard (AES) circuit is implemented as an example. Correlation power analysis attacks were carried out against 600,000 traces and Normalized Inter Class Variance (NICV) was used as the leakage evaluation methodology. The resulting circuit is the only complete AES circuit, which can balance both Hamming weights and Hamming distances without pre-charging or pre-clearing while resisting variability effects such as path imbalances and process variations. The circuit only consumes 8.1× resources when compared to an unprotected AES circuit implemented on a Xilinx Kintex7-325T FPGA.