On the synthesis of attack tolerant cryptographic hardware

Abstract

Concurrent error detection and correction is an effective way to mitigate fault attacks in cryptographic hardware. Recent work on differential power analysis shows that even mathematically-secure cryptographic protocols may be vulnerable at the physical implementation level. By measuring energy consumed by a working digital circuit, it is possible to gain valuable information about the encryption algorithms used and even the specific encryption keys. Thwarting such attacks requires a new approach to logic and physical designs. This paper presents a systematic approach to fault tolerant cryptographic hardware designs. Firstly, the effectiveness of the Hamming code based error correction schemes as a fault tolerance method in stream ciphers is investigated. Coding is applied to Linear Feedback Shift Registers (LFSR) based stream cipher implementations. The method was implemented on industrial standard stream ciphers, e.g. A5/1(GSM), E0 (Bluetooth), RC4 (WEP), and W7. The performance variation of stream cipher algorithms with error detection and correction was studied by synthesising the designs on Field Programmable Logic Arrays (FPGA) and Application Specific Integrated Circuits (ASIC). Further, we analyse hardware building blocks to minimise switching activity of a circuit over all possible inputs and input transitions by adding redundant gates and increasing the overall number of signal transitions. We also discuss the overhead and compositional properties of uniformly-switching circuits.