The proposal of power analysis for common key cryptography implemented on the FPGA and its countermeasure

• Published in: Electronics & communications in Japan. Part 3, Fundamental electronic science Vol. 88; no. 8; pp. 28 - 37
• Main Authors: Yamaguchi, Teruyoshi, Hashiyama, Tomonori, Okuma, Shigeru
• Format: Journal Article
• Language: English
• Published: Hoboken Wiley Subscription Services, Inc., A Wiley Company 01.08.2005
• Subjects: common key cryptography; differential power analysis; FPGA
• ISSN: 1042-0967; 1520-6440
• DOI: 10.1002/ecjc.20140

With recent advances in networks and IT equipment, cryptography is now used in many different areas. On the other hand, research is being carried out to attack systems equipped with cryptography and to infer key information. The main attack methods are cryptographic analysis and side channel attack. Side channel attack is a technique for inferring key information from information on power consumption at the time of processor operation and the time needed for cryptographic processing, in addition to the cryptographic content and the corresponding clear‐text sentences. As cryptography is used in more areas, side channel attack has drawn more attention. Among side channel attacks, differential power analysis is a powerful method of analysis in which many of the power consumption patterns of the processors under operation are collected and statistical processing is applied to them. In differential power analysis, one bit in an intermediate variable dependent on the key information is noted and the power consumption pattern dependent on this variable is analyzed. However, due to advances in miniaturization of devices and voltage reduction, it is becoming difficult to detect power consumption patterns dependent on the key if conventional differential power analysis is used. In the present paper, all bits of the intermediate variable dependent on the key information are noted. A moving average line is derived from statistical processing of the results of the power difference analysis of each bit and the statistically processed waveforms. Then, the difference in amplitude from the moving average line is used in the proposed evaluation method. By the proposed method, key dependent patterns can be detected even in a low‐voltage device. Experiments are carried out on the encryption capabilities installed on FPGA manufactured by the latest process. Countermeasures to the proposed method are discussed. © 2005 Wiley Periodicals, Inc. Electron Comm Jpn Pt 3, 88(8): 28–37, 2005; Published online in Wiley InterScience (www.interscience.wiley.com). DOI 10.1002/ecjc.20140