/
TheBackendDuplicationMethodALeakageProofPlaceandRouteStrategyforA TheBackendDuplicationMethodALeakageProofPlaceandRouteStrategyforA

TheBackendDuplicationMethodALeakageProofPlaceandRouteStrategyforA - PDF document

sophia2
sophia2 . @sophia2
Follow
343 views
Uploaded On 2022-09-06

TheBackendDuplicationMethodALeakageProofPlaceandRouteStrategyforA - PPT Presentation

2WDDL2usesdualgatespairstoensureaconstantactivityalthoughthepowerconsumedbyeachgateofthepairisnotthesame3SpeedindependentSIlogicpresentedin3featuresaconsumptionindependentontheinputdatacon ID: 951625

place backendduplication false wddl backendduplication place wddl false method springer route true 2004 resp tiri verbauwhede proceedingsofches regularorientation cation

Share:

Link:

Embed:

Download Presentation from below link

Download Pdf The PPT/PDF document "TheBackendDuplicationMethodALeakageProof..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

The\BackendDuplication"MethodALeakage-ProofPlace-and-RouteStrategyforASICsSylvainGuilley,PhilippeHoogvorst,YvesMathieu,andRenaudPacaletGET/T¶el¶ecomParis,CNRSLTCID¶epartementcommunicationet¶electronique46rueBarrault,75634ParisCedex13,France.guilley,hoogvorst,mathieu,pacaletAbstract.Severaltypesoflogicgatessuitableforleakage-proofcom-putationshavebeenputforward[1{4].Thispaperdescribesamethod,called\backendduplication"toassemblesecuredgatesintoleakage-proofcryptoprocessors.Totheauthors'knowledge,thisarticleisthe¯rstCAD-orientedpublicationtoaddressalltheaspectsinvolvedinthebackenddesignofsecuredhardware.The\backendduplication"methodachievestheplace-and-routeofdi®erentialnetlists.Itallowsfor100%placementdensityandforbalancedroutingofdual-railsignals.Wiresofeveryothermetallayerarefreetomaketurns.Inaddition,themethoddoesnotre-quireanymodi¯cationtothedesignrulespassedtotherouter.The\backendduplication"methodhasbeenimplementedin0.13¹mASICtechnologyandsuccessfullytestedonvariousciphers.TheexampleofthedesignofaDESmoduleresistantagainstside-channelattacksisdescribedintodetails.Keywords:Informationleakage,securedbackend,di®erentialsignals.1Introduction:UsingDi®erentialLogictoThwartSCAIthasbeenshownthatsensitiveinformationcanbeextractedfromcryptographichardwareeitherbyspyingphysicalquantitiesorbyinjectingfaults.The¯rsttypeofattackisoftenreferredtoas\side-channelattack"(SCA[5{7]),whereastsecondoneisalsoknownas\faultattack"(FA).TwoclassesofcountermeasuresagainstSCAhavebeenputforward.The¯rstideaistoshieldthehardwareatthealgorithmiclevel:thedatamanipulatedbythecryptoprocessorismaskedorprotectedbysecret-sharingmethods.Thesecondideaistobuildthehardwareusingonlyleakage-proofgates,soasmakesurethattheoverallcryptoprocessori

s,inturn,leakage-proof.Thisarticlefocusesontheimplementationofthelatterclassofcounter-measures.Manyleakage-prooflogicstyleshavebeenpublished.Thelevelofprotectionthesecuredgatesprovidedependsupontheirspeci¯cation:1.SABL[1]isalogicconsuminganearlyconstantcurrent. 2.WDDL[2]usesdualgatespairstoensureaconstantactivity,althoughthepowerconsumedbyeachgateofthepairisnotthesame.3.Speed-independent(SI)logicpresentedin[3]featuresaconsumptioninde-pendentontheinputdatacon¯guration.Italsoshieldsagainsttheleakageofthesignaltransitionstimingbysynchronizingtheinputs.4.Re¯nements[4]oftheprevioussolutionalsoensurethatparasiticcapaci-tancesareunconditionallyunloadedbetweentwocomputations.Someofthosemethods,forinstancemethods3and4above(nicknamed\SI-WDDL"intherestofthisarticle)canalsoembedanerror-detectionfeature.Themechanism,basedonanalarmpropagation,isexplainedin[3].Nevertheless,resistancetofaultsinjectionisnotcoveredinthispaper.Thelogicalpart(coding,functionalityveri¯cation,re¯nementsforsynthesis)inadesigntargetingFPGAorASICimplementationiscalledfrontend.Thephysicalpart(mainlyconsistinginplace-and-route,butextensivedescriptionisprovidedinSect.2)iscalledbackend.Thecommonpointtothesecuregateslistedaboveistheuseofdi®erentiallogicwitha4-phaseprotocol,suchas\re-turntozero"(RTZ)oranyvariation[8].Ithasalreadybeenstressedthatthesecurityofindividualgatescanextendtoanetlistofgatesonlyprovidedthattheinterconnectiskeptdi®erential[9].Nonetheless,mostarticlesevadethequestionoftheimplementationofasecurebackenddesign.Giventhecomplexityofbackend°owsinsub-microntechnologies,asimplewaytorealizethesecurebackendisnecessary.Weprovideinthisarticleamethod,called\backendduplication",thatintegratesthesecureplace-and-routeintoanypreexistingbackend°

owwithoutmodifyingthedesignrules.Therestofthearticleisorganizedasfollows:the\backendduplication"ispresentedinSect.2.ThemethodisappliedtosomesecuredgatesprimitivesinSect.3.Acasestudy,namelyaDEScryptoprocessor,isprovidedinSect.4.ThisexamplewasactuallyfabricatedinHCMOS9GP0:13¹mtechnologyfromSTMicroelectronicsusingthemethodpresentedinthispaper.Thissectioncon-tainsanevaluationofthecostandofthesecurityincreaseprovidedbytheuseofthe\backendduplication".Finally,Sect.5concludesthearticle.2The\BackendDuplication"Method2.1Regular\Place-and-Route"ASICDesignFlowInastandardcell°ow,cryptographicfunctionsaresynthesizedintoanetlistofprimitivegates.Then,thegatesareplacedintorows(seeFig.1(a)).Ineachrow,thegatesareabutted,sothattheysharetheground(VSS)andthepower(VDD)lines.Whentwogatesarenotplacedsidebyside,a\¯ller"cellcanbeaddedin-betweentoensurethecontinuityofthesupplylines.Insub-microntechnolo-gies,thereareenoughlevelsofmetaltoallowtheroutingoftheinterconnectoverthestandardcellrows.Forthisreason,therowsarethemselvesabutted.Thus,thesupplylinesaresharedbetweenadjacentrows.Thisisachievedby°ippingupside-downeveryotherrow:theground(resp.thepower)ofonerow ismergedwiththeground(resp.thepower)ofthelower(resp.theupper)row,(seeFig.1(b)).Sub-microntechnologiesallowfor45degreewireroutes,butthisfeatureisnotyetimplementedincommercialrouters:currently,theroutingisstillMan-hattan.Moreover,themostpopularroutersarealsogrid-based.Metalwiresaronlyinstantiatedalongavirtualroutingtrackssuperimposedonthe°oorplan(seeFig.1(c)).Itisthuscustomarytoattributeapreferreddirectiontoeveryroutinglayer.However,routersconsiderthepreferreddirectiononlyasarecom-mendation.Theconventionweuseinthispaperisthatoddmetallevels(metal1,metal3,andsoforth)arepreferenti

allyroutedvertically,whereasevenmetallevelsarepreferentiallyroutedhorizontally.I2I3I4I5I9I10I8I7I6I1I0I12I11(b)PlaceOK(c)RouteOK(a)FloorplanOKPlacementrow#1(upside-down)Placementrow#2(regularorientation)(upside-down)Placementrow#3Placementrow#4(regularorientation)VDDVSSVDDVSSVDDFig.1.Illustrationoftheregular(andunsecure)\Place-and-Route"ASICdesign°ow.2.2The\BackendDuplication"MethodOverviewThe\backendduplication"addressesthestrengtheningagainstSCAofsensi-tiveASICs(smartcards,hardwiredcryptoprocessors,etc.)Itconsistsinasinglemanipulationofthebackendlayouttoensurethesecurityofitsinterconnect.However,thismethodshallnotbeconfusedwiththetailoredduplicationmethodforsoftwareordedicatedhardwareimplementations[10].Thebasicideaofthe\backendduplication"methodistoapplyaregularbackend°owonasingle-ended(asopposedtoduplicated)netlist,takingcaretoleaveenoughroomonthe°oorplanfortheduplicationoftheplaced-and-routednetlist.Theduplicationbasicallydemandsthateveryotherrowbekeptfree,whichistypicallyachievedbyobstructingeveryotherrowforplacement.Thenextaspectconcernedwithduplicationistheinterconnect.Tomakeitpossibletoduplicatetheinterconnect,theverticalwires,thatconnecteveryotherrow,areforcedtooccupyonlyoneroutingchannelintwo.Thisensuresthatasimplerightshiftoftheverticalroutingbyaroutingpitch(i.e.thedistance separatingtworoutingtracks)doesnotcreateelectricalshorts.Asaconsequence,verticalwiresmustbestraight.Iftheywereabletomaketurns,theywouldcrosstheadjacentroutingtracksthatarekeptfreefortheduplicatedverticalroutes.Onthecontrary,wiresofthe\horizontalroutinglayers"areleftfreetomaketurns,aslongastheyremainintheirplacementrow.Indeed,ifthehorizontalroutingiscon¯nedwithinonerowovertwo,theduplicationofthe\horizontal"wiresintheupper

orthelowerrowsdoesnotinterferewiththewiresinthecurrentrow.Theconstraintsimposedtotheplace-and-routetoolsummarizeasfollows:asthedesignmustbetranslatedverticallybytheheightofoneplacementrow(ROWHEIGHT)forplacementreasonsandhorizontallybyoneroutingpitch(PITCH)forroutingreasons,thewholeplaced-and-routeddesignisscheduledtomovebya(±x;±y)=(PITCH;ROWHEIGHT)vectortranslation.Inbackendtaxon-omy,thistranslationactuallycoincideswiththeminimum\placementsite".Atthatpoint,theresultoftheduplicationistwoidenticalnetlistsinterleavedoneintotheother.Noticethatthenetlistscannotbe\de-interleaved"becausetheyarenotindependent:somesignalsmustbeexchangedlocallybetweenabut-tedgates.AswewillseeinSect.3,ithappensfortheinvertergateinSABLandWDDL(Tab.1(b))andforallgatesinSI-WDDL(Fig.7).Thechip¯nishingstepsshallnotdeletetheindistinguishabilityofthetwonetlists.Forinstance,thedummiesgeneratormustbeconstrainedtoadddum-mies(metalpiecesaddedrandomlytoful¯lltheminimumdensitydesignrules)onlyintherowsinwhichplacementisallowed.Afterwards,dummiesaredu-plicatedandtranslatedbyaplacementsite:theyendupinthesameroutingenvironmentasinitially(noshortiscreated)sincetheroutingwasduplicatedinthesamemanner.2.3TheConstraintsRequiredbythe\BackendDuplication"Asmentionedabove,the\backendduplication"methodisimplementedby(1)constrainingthedesignand(2)duplicatingtheplaced-and-routeddesign.Theconstraintscanbegeneratedautomaticallybyascriptsettingthefollowingobstructions:{placementblockagesonerowovertwoandontherightmostplacementsiteoftheplaceablerow,{routingblockagesofonetrackchannelovertwoforverticalmetalsandovertherowsalreadymarkedobstructedforstandardcellplacementforhorizontalmetals.Figure8(a)illustratestheseconstraintsona162-sitepieceof°oorplan.Asfarastheroutin

gisconcerned,theseconstraintsaremore°exiblethantheonesproposedinthe\fatwire"method[9],sinceonlyverticalwiresareforcedtore-mainstrictlystraight.Themetalswhosepreferredroutingdirectionishorizontalarefreetozigzag,providedtheystaywithintheirrow.Thisdegreeoffreedomisnotnegligible,sincetherearetypicallyaround12routingchannelsperrow.Thisallowsforbothamoresuccessfulandafasterrouting. 2.4InsertionintoanExistingDesignFlowAsseeninSect.2.3,the\backendduplication"methodneednotrede¯nethede-signrules.ItonlyreliesonconstraintsontheCADsoftware.Atypicalbackend°owincludesthestepsshowninFig.2.Theinsertionofthe\backendduplica-tion"consistsinaddingthreesteps(i,iiandiii).-Floorplanning-Place-and-route-Clocktreegeneration-Scanchainoptimization-Antennae®ectscorrection-Customsteps,likeECOorSI¯x-Dummiesplacement:Obstructionsimplementation:DuplicationiiiiiiFlowcompatiblewiththe\backendduplication".Addedsteps:Regularbackend°ow::FloorplandimensioningFig.2.Typicalbackend°owandmodi¯cations(stepsi,iiandiii)toimplementthe\backendduplication"method.i.Floorplandimensioning.Asamatteroffact,the°oorplanofandesignblockismadeupoftwoparts:thecore,devotedtothestandardcellsplacementandthedie,thatcoversthecoreandanextrachannelsurroundingit.Itisusedforexampletorouteasupplyring.ThecorehorizontaldimensionmustbeanevennumberoftheroutingPITCHandtheverticaldimensionanevennumberofROWHEIGHT.Thisconditionensuresthattheplacementandtheroutingwithinthecoredonotextendoutofthecoreafterduplication.Thecorecaneitherbecheckedandrepairedifoneofthe¯guresisoddorgeneratedautomatically.Toendupwithacoreofdensitydandofaspectratior,the¯rststepistogenerateacoreofdensityd=2andofaspectratior=2beforeduplication.Thenthecoredimensions(x;y)areretrieved,andanewcorewiththedimension

s:x0x2PITCH2PITCH;y0y2ROWHEIGHT2ROWHEIGHTisregenerated.Itsdensityisslightlylessthandanditsaspectratioroughlyequaltor.ii.Obstructionsinstantiation.TheconstraintscriptdescribedpreviouslyinSect.2.3canbegeneratedautomaticallyassoonasthe°oorplandimensionsareknown.Thisscriptissourcedafter°oorplanningandbeforeplace-and-route. iii.Duplication.Asfarasstandardcellsareconcerned,theduplicationconsistsinatranslationbyaplacementsitefollowedbyanhorizontal°ippingofeacrow.Theroutingduplicationisabitmorecomplexthanameretranslation.In-deed,thedesignpinsextendoverthecoretoreachthedieboundary.Iftheroutingwassimplytranslated,theduplicateddesignwouldhavepinsbothin-sideandoutsidethedie.Toavoidthisshortcoming,theroutingextremities(u;v)ofeverywireundergothistransformation:{if(u;v)belongstothecore,then(u0;v0)=(uPITCH;vROWHEIGHT),{otherwise(u0;v0)=(u;v).Additionally,topreventshorts,theconstraintsdescribedinSect.2.3actuallyextendtilltodielimitsandtheroutingchannelsthatareentirelyoutsidethecoreareobstructed.ThesetransformationsareillustratedonFig.8(b).Theinformationneededtoapplytheduplicationistheorientationandposi-tionofstandardcellsandtheroutingcoordinates.Thedesignexchangeformat(DEF)typicallycontainsallthisinformation.GiventhesimplicityoftheDEFsyntaxandtheavailabilityofparsers[11],theduplicationcanbeimplementedeasily.ItisalsoagoodideatoapplytheduplicationontheVerilognetlist:itconsistsinduplicatingallwiresandallleafinstances(i.e.standardcells).Verilogparsersareeasytowrite,evenfromscratch.Thekeybene¯tofgeneratingtheduplicatedVerilognetlististoenableLVSveri¯cation.2.5ComparisonwithRelatedWorksK.Tiri[12]noticedthatthebalancednessoftheroutingiscrucialtoe®ectivelyprotectadi®erentialcircuitagainstSCA.Thesolutionputforwardin[9]isbasedon

\fatwires"routing:alargewireis¯rstroutedandthensplitintotwominimum-sizedwires.Thismethodimpliesthat:{Speci¯cdesignrulesmustbewrittenforthe\fatwires".{Theonlywayforawiretoturnistochangelayers.{Forthe\fatwire"toaccessthepinsofstandardcells,theirlayoutmustberede¯ned.The\backendduplication"impliesnoneoftheseassumptions.TheexperimentalDPA[6]ofF.G.Bouesseetal.[13]alsoshowedthattheweakestnodesinadi®erentiallayoutcorrespondtounbalancedpairs.Theback-endcorrection°owdescribedin[14]isiterative:thedesignissuccessivelyroutedandanalyzed,untileverydual-railpairisbalanced.Theanalysisconsistsinthecollectionforeverynodeofthesumoftheparasiticelementsextractedafterev-eryrouting(moredetailsinSect.4.2).Thismethodrequiresacomplexstrategytoconstraintherouterandanontrivialalgorithmtoguidetheiterativeprocesstowardsaconvergencepoint.Onthecontrary,theroutinggeneratedby\back-endduplication"isbalancedbydesign.However,the\backendduplication"onlyhandlespairsofsignals,whereastheiterativemethod[14]canroutebothdualandsingle-railsignals(dataisdual-rail;acknowledgeissingle-ended.) 3Suitabilityofthe\BackendDuplication"MethodwithsomeLogicStyles3.1BackendDuplicationforWDDLThewavedynamicdi®erentiallogic(WDDL,[2])isadesignstylethatusesstandardcellsbypairs,insuchawaythatatanystepofthecomputation,oneandonlyoneofthetwogateshasatransition.Thisbehaviormasksthe°uctuationsofthepowerconsumptionduetoirregularactivity:theactivityofaWDDLcircuitisconstant.Thecomputationsaresplitintosuccessiveprechargeandevaluationsteps.ABooleanfunctionei2f0;1;¢¢¢g(ei)iscomputedusingthetwodualgatesT(ei)andF(ei)thatsatisfy:Duringprecharge:i;fT(ei)=F(ei);Duringevaluation:i;fT(ei)=F(ei):(1)Table1(a)providessomeexamplesofdualgatespairssuitableforWDDL.Iftheconditionontheprechar

gein(1)cannotbemet,theidentityshowninTab.1(b)solvestheproblemout.Thetruthtableoftwodualgates(refertoTable1.Duality:de¯nition,examples(a)andWDDLidentityfortheinvertor(b).(a)RegulargateDualgateDe¯nition()()Examples¦§e§¦e(b)e1e0e0e1e0e1e1e0,DualinvertorRegularinvertorTable.2)showsasymmetry,thatcanalsobeobservedatthetransistorlevel,asshowninTable.3.ThesymmetryillustratedinTable.3suggeststhatstandardcellsarereadytobeusedinaWDDL°owusingthe\backendduplication"method.Thisisactuallyonlypartiallytrue:thestructuresintransistorsindeedperfectlysu-perimpose,butinpractice,PMOS(symbol:)aredrawnwiderthanNMOS(symbol:.)Forthisreason,inacommercialstandardcelllibrary,thepinsofagate(regularorientation:orR0)andoftheX-symmetric(orientation:orMX)ofitsdualdonotmatchexactly.Nevertheless,astheyarelocatedontheroutinggrid,theyusuallyoverlap.Fortunately,itiseasytoworkaroundthisdi±culty.Theprocedurebeginswithanenlargementofthepins.Then,thepinsaremergedconsideringtheintersectionoftheenlargedpins.Theroutingobstructionsarebasicallymadeupofthemetalnotincludedintheunionofthenewlycreatedpins:PINPIN(NAND)PIN(NOR);(inFig.5)OBS=(OBS(NAND))OBS(NOR)))(PIN(NAND)PIN(NOR)):(inFig.5) Table2.Truthtableofthetwodualfunctions.010¢10+100xx1011011Table3.Illustrationofthedualgatecou-plesymmetryT;(N;P);g$fF;(P;N);.RegulargateT()DualgateF()Orientation:orOrientation:orVDDVSS1111Y1xxVDDVSS0000Y0Thisprocedurecanbeappliedonthesoleabstractviewofthestandardscells.ThusasimpleLEFparser[11]canbeusedturnastandardcelllibraryintoaWDDL-compliantlibrary.Insteadofdescribingtheparserintodetails,agraph-icalexampleontheNAND/NORandAND/ORgatecouplesisshowninFig.5.Asfarascellplacementduplicationisconcerned,themethodpresentedinstepiii(refertoSect.2.4)demandsthat,inadditiontothed

uplicationandthe°ipping,thegatebereplacedbyitsdual.3.2BackendDuplicationforOtherLogicGatesInordertoapplythe\backendduplication"methodtoSABLorSI-WDDL,thegatesmustbesplitintotwoparts:onecomputingtruevalues,theotherfalsevalues.ThesplittingisstraightforwardforSABL,asshowninFig.6.AsforSI-WDDL,thedivisionisabitlesstrivial,butissanesinceitforcesthesymmetryofthetransistorschematictobekeptinlayoutview.TheplacementofeachbuildingblockofthecellalongwiththeindicationoftheirorientationisprovidedinFig.7.ForbothSABLandSI-WDDL,thegatepinsmustbedesignedinsuchawaytheyareleftunchangedinasymmetryyROWHEIGHTy(orR0MX).Thisconditionensuresthataconnectiontothepinofaregulargate(placed¯rst)alsoarrivesonapinoftheotherhalfofthegate(placedwhileduplicatingthebackendatstepiii).Additionally,theroutingconvergesfasterifthepinsareplacedoneveryotherverticalroutingtrack:thepinsarebetteraccessediftheyarenotbelowaverticalroutingobstruction. 4ImplementingaDuplicatedNetlist4.1TheExampleofaSecuredDESCryptoprocessorDesignInthissection,weexplainhowaplaced-and-routednetlistobtainedbythe\back-endduplication"methodcanbeembeddedintoawholedesign.Firstofall,letusnoticethatafterduplication,evenglobalsignalsareduplicated:theduplicatedbackendhastwoclocksandtworesets,thatmustbeshortedtogether.Thetwoscanchainscaneitherbejoinedorbeconsideredindependently.Mostoften,thewholecryptoprocessorneednotbesecured.ThereasonisthatwhenimplementinganonproprietaryalgorithmsuchasDES,thecomputationstepsarepublic.Asaconsequence,thecontrolleaksnoncon¯dentialinformation.Inmostdesigns,thecontrol(algorithmsteps)canbeclearlydissociatedfromthedatapath(dataprocessing).Itisrelevanttoderivethecontroloftheduplicateddatapath(dual-railen-coding,RTZprotocol)fromtheoriginalcontroloftheinsec

uredatapath(single-ended,noRTZ):itallowstodebugasingle-endedcontrol,whichiseasiertounderstandandfastertosimulate.Themethodtoupdatetheregularcontroltomakeitcompatiblewiththeduplicateddatapathrequiresthat:{Thestatemachinecanbefrozen:ithasanenableinput.ThisenableforcesthestatemachinetoworktwiceasslowasinitiallytomimicRTZ.{Thecontroliswrappedbyaconvertersingle-to-dualrailforthedatapathinputsanddual-to-singlerailforitsoutputs.Inadditiontoconvertingthecontrolsignalsexchangedbetweenthedatapathandthecontrol,thecontrolwrapperalsoconvertsthedatapathinputandoutputdata.Thus,seenfromtheoutside,thecryptoprocessorkeepsasingle-endedinterface.However,theinternalarchitectureofthedatapathisdual-railRTZsecurelogicobtainedby\backendduplication".Whenthecontrolisdisabled(enable=0),alltheinputsignalsofthedata-path(providedbythecontrolwrapper)aresettotheprechargestate(e.g.00).Thissolutionemulatesthedual-railRTZprotocolrequiredbytheduplicatedarchitectureofthedatapath.Moreover,thisarchitectureiswellsuitedforasychronousgatesimplementations,suchasSI-WDDL,becausethedatapathinputs(bothdataandcontrol)arekeptbehindaregisterbarrier,whichguaranteesthatthosesignalsareglitch-free.ThisconditionismandatoryforSI-WDDLlogictoworksecurely.TheschematicofFig.3showsthesecurearchitectureofaDESmodule.Letusnoticethatthecontrolinputsignals(asimplestartcommand,namedGOinFig.3)ismemorizedasGOQoverthetwophases(prechargeandevaluation),topreventitfrombeingdiscardedifitarriveswhenthecontrolisdisabled.TheGOcommandcanactuallybeactivatedatanytime,becausethecryptoprocessorenvironmentisnotawareoftheRTZbehaviorofthesecuredDES.4.2MethodCostandSecurityEvaluationThemethodoverheadisassessedbelow: ORRegisters:()Command(GO)Phase(enable)clk1raminEOC1188ramoutenablesel1we

b8ramaddGOQDESCONTROLGOSDESCONTROLphase0000sel1sel0ramout2railramin2railSDESDATAPATH2£#controlsignals2£82£8sel2railSI-WDDLlogicFig.3.SecuredDESarchitecture.Theduplicateddatapath(),forex-ampleimplementedinSI-WDDLlogic,isobtainedaccordingtothemethodde-scribedinSect.2.Theregularcontrol()isencapsulatedintoawrapper()thatcaninterfacetothedual-raildatapathofDES.{Thecircuitfrequencyisunchanged,buteveryencryptiontakestwicemoretimetoexecutebecauseoftheRTZprotocol.{Theareaincreaseofthedatapathdependsonwhichsecuredgatesareused.IfWDDLgatesarechosen,SDESDATAPATHissimplytwiceaslargeasDESDATAPTH.IfSI-WDDLgatesarechosen,weobtaina15timesareaincrease1.Theoverheadofthecontrolareais14%:theareaofthemoduleDESCONTROL(resp.SDESCONTROL)is12942m2(resp.14788m2.)Theincreaseofsecuritycanbeassessedbytheratioofthetwoduallinesrout-ingcapacitancesandresistances.Thecapacitance\C"accountsforthepowerdissipationoccurringateverytransition:12C(VDDVSS)2.Theresis-tance\R"isresponsibleforthedelayRCofthetransitionpropagation.ThewirepairsareallthemorebalancedastheratiosC(true)/C(false)andR(true)/R(false)donotspreadmucharound1.Figure4showstherepartitionofthoseratiosforthe2211internalwirecouplesofSDESDATAPATH.Thethreedatasamplescorrespondtoadualplaced-and-routeddesign,obtainedbythe\backendduplication"method,adualplacedandregularrouteddesign,andaregularplaced-and-routeddesign.Boththecapacitancesandresistanceswere1TheSI-WDDLgateswerenotoptimized:amuchbetterratiocanprobablybeob-tained,evenwithoutanytrade-o®onthegatesymmetry. obtainedusingtheRCextractortoolofCadenceSOC/Encounter.Thetech-nologicalinformationwasproducedbytheCadencecoyote¯eldsolver.Theresistanceofa\backendduplicated"circuitagainstEMA[7]hasnotbeenevaluatedyet. 0 0.5 1 1.5 2 2.5 3 3.5 4Bin

CountC(true) / C(false)500100015002000Dual place-and-routeDual place, regular routeRegular place-and-route 0 0.5 1 1.5 2 2.5 3 3.5 4Bin CountR(true) / R(false)500100015002000Dual place-and-routeDual place, regular routeRegular place-and-routeFig.4.Ratioofthecapacitancesandtheresistancesofdualnets.5ConclusionSecuringacryptoprocessoragainstphysicalattacks(eitherSCAorFA)canbedoneatthealgorithmicorattheimplementationlevel.Thispaperfocusesonthecountermeasuresonthehardwareimplementation.Manytypesofprimitivegatessuitableforsecurecomputationhavebeenproposed[1{4],buttheissueofbuildingcryptoprocessoroutofthemisseldomaddressed.Totheauthors'knowledge,onlythe\fatwire"method[9]partiallytacklesthisproblem.Weprovideacompletedescriptionofabackend°owcompatiblewithalloftheabove-mentionedgates.Themethodwedescribecanapplytoallexisting°owsandrequiresnomodi¯cationofthedesignrules.The\backendduplication"methodisillustratedontheexampleofaDEScryptoprocessor.Thisexamplealsoshowsthatthemethodiscompatiblewithasecurepartitioningofthedesign:onlythedatapathisduplicated.Theemphasis isplacedontheinsertionoftheduplicateddatapathintothewholeDES,whoseinterfaceremainsunchanged.Thiscasestudyprovesthatthehardeningofacryptoprocessorcanbefullyautomatedandthattheintegrationofthe\backendduplication"methodintoanexisting°owisseamless.AcknowledgementsThisworkhasbeenpartiallyfundedbythe\conseilr¶egionalProvenceAlpesC^oted'Azur"andtheResearchMinistry,throughACISIMARS.TheauthorsarealsogratefultotheASTdivisionofSTMicroelectronics(Rousset,France),forhelpinthedesignandthefabricationofthesecuredDESASICprototype.References1.Tiri,K.,Akmal,M.,Verbauwhede,I.:ADynamicandDi®erentialCMOSLogicwithSignalIndependentPowerConsumptiontoWithstandDi®erentialPowerAnalysi

sonSmartCards.In:ProceedingsofESSCIRC'02.(2002)pp403{406.2.Tiri,K.,Verbauwhede,I.:ALogicLevelDesignMethodologyforaSecureDPAResistantASICorFPGAImplementation.In:ProceedingsofDATE'04.(2004)pp246{251.3.Moore,S.,Anderson,R.,Cunningham,P.,Mullins,R.,Taylor,G.:ImprovingSmartCardSecurityusingSelf-timedCircuits.In:ProceedingsofASYNC'02.(2002)pp211{218.4.Guilley,S.,Hoogvorst,P.,Mathieu,Y.,Pacalet,R.,Provost,J.:CMOSStructuresSuitableforSecuredHardware.In:ProceedingsofDATE'04.(2004)pp1414{1415.5.Kocher,P.,Ja®e,J.,Jun,B.:TimingAttacksonImplementationsofDi±e-Hellman,RSA,DSS,andOtherSystems.In:ProceedingsofCRYPTO'96.Volume1109ofLNCS.,Springer(1996)pp104{113.6.Kocher,P.,Ja®e,J.,Jun,B.:Di®erentialPowerAnalysis:LeakingSecrets.In:ProceedingsofCRYPTO'99.Volume1666ofLNCS.,Springer(1999)pp388{397.7.Gandol¯,K.,Mourtel,C.,Olivier,F.:ElectromagneticAnalysis:ConcreteResults.In:ProceedingsofCHES'01.Volume2162ofLNCS.,Springer(2001)pp251{261.8.Sokolov,D.,Murphy,J.,Bystrov,A.:ImprovingtheSecurityofDual-RailCircuits.In:ProceedingsofCHES'04.LNCS,Springer(2004)pp282{297.9.Tiri,K.,Verbauwhede,I.:PlaceandRouteforSecureStandardCellDesign.In:ProceedingsofCARDIS'04.(2004)pp143{158.10.Goubin,L.,Patarin,J.:DESandDi®erentialPowerAnalysis(The"Duplication"Method).In:ProceedingsofCHES'99.LNCS,Springer(1999)pp158{172.11.LEF/DEFparsers:(website)or.12.Tiri,K.,Verbauwhede,I.:"SecuringEncryptionAlgorithmsagainstDPAattheLogicLevel:NextGenerationSmartCardTechnology.InLNCS,ed.:ProceedingsofCHES'03.Volume2779ofLNCS.,Springer(2003)pp125{136.13.Bouesse,G.,Renaudin,M.,Robisson,B.,Beign¶e,E.,Liardet,P.Y.,Prevosto,S.,Sonzogni,J.:DPAonQuasiDelayInsensitiveAsynchronousCircuits:ConcreteResults.In:ProceedingsofDCIS'04.(2004)Bordeaux,France.14.Bouesse,G.,Renaudin

,M.,Dumont,S.,Germain,F.:DPAonQuasiDelayInsen-sitiveAsynchronousCircuits:FormalizationandImprovement.In:ProceedingsofDATE'05.(2005)pp424{429.Munich,Germany. AAppendix:GraphicalIllustrationsofthe\BackendDuplication"MethodFigures5,6and7showhowWDDL,SABLandSI-WDDLgatesmustbetrans-formedpriortobeingusedinthe\backendduplication"design°ow.Figure8illustratesthe\backendduplication"(stepsiiandiii)ona°oor-plansuitablefortheduplication(stepiwasalreadyexecuted:the°oorplandimensionsareeven.)NORNORNANDNANDOROROR(false)R0ANDANDANDNAND / NORAND / ORAVSSYBAYBFig.5.TransformationontheabstractedviewsofthestandardcellstomakethemWDDL-compliant[2].Thisresultinggatecouplesatis¯esthefollowingcondition:theabstractcouplesT;(N;P);andF;(P;N);perfectlysuperimpose. VSSVDD1B10B0clkclkY0Y1VSSVSSclk(false)R0(true)MX1B1clkY10B0clkclkVDDY0(a)(b)Fig.6.TransformationofagateimplementedinSABL[1](a)intotwodualgates(b),forsubsequentuseinthe\backendduplication"design°ow.VSS(false)R0(true)MX0B00B111B0B1Y0Y1Y0Y10B01B10B01B1VSS(a)(b)Fig.7.TransformationofagateimplementedinSI-WDDL[3](a)intotwodualgates(b).Noticethatthetwohalvesofthegateexchangesignals. Verticalroutes:-forbidden-allowedPITCH:(a)FloorplanafterstepiiofSect.2.4(b)FloorplanafterstepiiiofSect.2.410111213456789NANDNOR16£PITCH2£ROWHEIGHTROWHEIGHTHorizontalroutesforbiddenHorizontalroutesallowedOrientation:MXOrientation:R0PlacementforbiddenPlacementallowed2Fig.8.(a)Placeandrouteconstraints,illustratedona°oorplancontaining16£placementsites.Inunits,theplacementsiteis1£12andtheroutinggrido®setis12£12.(b)Final°oorplancontainingonesinglegate(anditsdualgate).Thehorizontalwirescanturn(wiresconnectingportsA,BandY),whereastheverticalonesarestraight.Theviasthatcontacthorizontalandverticalwiresarenoted

Related Contents


Next Show more