spin me right round: rotational symmetry for fpga-specific aes · 1 rijmen , barreto gazzoni filho....
Post on 17-Feb-2019
219 Views
Preview:
TRANSCRIPT
Grant. Nr.
16KIS0666
SYSKIT_HW
Spin Me Right Round: Rotational
Symmetry for FPGA-Specific AES
CHES 2018, Amsterdam
Lauren De Meyer1, Amir Moradi2, Felix Wegener2
1 imec - COSIC, KU Leuven, Belgium2 Horst Görtz Institute for IT-Security, Ruhr-Universität Bochum, Germany
2
Embedded Security Group
Area Optimization: ASICs vs FPGAs
ASIC
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
3
Embedded Security Group
Area Optimization: ASICs vs FPGAs
ASIC
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
FPGA (Xilinx 6/7 series)
Spartan-6 FPGA Configurable Logic Block User Guide
4
Embedded Security Group
FPGA Building Blocks (Xilinx)
▪ Slice contents:
– 4 LUT6 elements
– Auxiliar MUX
– (8 registers)
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
LUT6
LUT6
LUT6
LUT6
Slice
5
Embedded Security Group
FPGA Building Blocks (Xilinx)
▪ Slice contents:
– 4 LUT6 elements
– Auxiliar MUX
– (8 registers)
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
LUT6
LUT6
LUT6
LUT6
Slice
One slice can implementany 𝔽2
8 → 𝔽2 function
6
Embedded Security Group
AES S-box Structure
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
𝑥−1 = 𝑥254
𝐺𝐹(28)
𝐴𝑥 + 𝑏
Power Map
Affine Map
7
Embedded Security Group
AES S-box in FPGAs
▪ Naive Approach: one slice per coordinate: 8 slices
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
slice slice slice slice slice slice slice slice
8
Embedded Security Group
AES S-box in FPGAs
▪ Naive Approach: one slice per coordinate: 8 slices
▪ Algebraic degree 7 → no obvious improvements
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
slice slice slice slice slice slice slice slice
9
Embedded Security Group
AES S-box in FPGAs
▪ Naive Approach: one slice per coordinate: 8 slices
▪ Algebraic degree 7 → no obvious improvements
▪ Tower field doesn‘t suit LUTs
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
slice slice slice slice slice slice slice slice
Canright. A Very Compact S-box for AES. CHES 2005
10
Embedded Security Group
AES S-box in FPGAs
▪ Naive Approach: one slice per coordinate: 8 slices
▪ Algebraic degree 7 → no obvious improvements
▪ Tower field doesn‘t suit LUTs
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
slice slice slice slice slice slice slice slice
Canright: A Very Compact S-box for AES. CHES 2005
Our Contribution: Reduction to 4 slices
11
Embedded Security Group
Rotational Symmetry of Power Maps
Inversion in 𝐺𝐹 28 : 𝑥 ↦ 𝑥254
Conversion to normal base: 𝑥 ↦ 𝜙 𝑥
Rotation: 𝑟𝑜𝑡 𝑎0, … , 𝑎𝑛−1 = (𝑎𝑛−1, 𝑎0, … , 𝑎𝑛−2)
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
12
Embedded Security Group
Rotational Symmetry of Power Maps
Inversion in 𝐺𝐹 28 : 𝑥 ↦ 𝑥254
Conversion to normal base: 𝑥 ↦ 𝜙 𝑥
Rotation: 𝑟𝑜𝑡 𝑎0, … , 𝑎𝑛−1 = (𝑎𝑛−1, 𝑎0, … , 𝑎𝑛−2)
Theorem1:
Power Map: 𝐹(𝑥) = 𝑥𝑚 in 𝐺𝐹(28)
Normal base: 𝑆(𝑥) = 𝜙(𝐹(𝜙−1(𝑥)))
⇒
𝑟𝑜𝑡(𝑆 𝑥 ) = 𝑆(𝑟𝑜𝑡(𝑥))
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
1 Rijmen, Barreto, Gazzoni Filho. Rotation Symmetry in Algebraically GeneratedCryptographic Substitution Tables. Information Processing Letters 2008
13
Embedded Security Group
Rotational Symmetry: Area Reduction
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
7
LSB of S-box: S*
6 5 4 3 2 1 0
Idea: Create circuit for only one coordinate function (LSB)
14
Embedded Security Group
Rotational Symmetry: Area Reduction
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
6
LSB of S-box: S*
5 4 3 2 1 0 7
Idea: Create circuit for only one coordinate function (LSB)
15
Embedded Security Group
Rotational Symmetry: Area Reduction
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
5
LSB of S-box: S*
4 3 2 1 0 7 6
Idea: Create circuit for only one coordinate function (LSB)
16
Embedded Security Group
Rotational Symmetry: Area Reduction
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
0
LSB of S-box: S*
7 6 5 4 3 2 1
Idea: Create circuit for only one coordinate function (LSB)
17
Embedded Security Group
AES S-box: Byte-serial Circuit
▪ Transformation to (p2n) and from (n2p) normal basis
▪ Occupies 4 slices:
16LUTs / 15Regs
▪ Latency: 8 cycles
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
p2n
𝑆∗
n2p
𝑥
𝑦
8
8
8
71
8
8
1
R2
18
Embedded Security Group
First Design:
Improve smallest FPGA-specific AES
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
19
Embedded Security Group
Former record by Sasdrich et al.1
▪ 21 slices on Xilinx Spartan-6
▪ 15 slices shown + 6 for control unit
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
KeyRAM256 Naive S-Box
(8 slices)MUX 2:1
MixCol.&
AddRndK
StateRAM256
MUX 4:1
K P
C
1 Sasdrich, Güneysu. A grain in the silicon: SCA-protected AES in less than 30 slices. ASAP 2016
20
Embedded Security Group
Former record by Sasdrich et al.1
▪ 21 slices on Xilinx Spartan-6
▪ 15 slices shown + 6 for control unit
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
KeyRAM256 Naive S-Box
(8 slices)MUX 2:1
MixCol.&
AddRndK
StateRAM256
MUX 4:1
K P
C
2 slices 1 slice 2 slices 2 slices
1 Sasdrich, Güneysu. A grain in the silicon: SCA-protected AES in less than 30 slices. ASAP 2016
21
Embedded Security Group
Former record by Sasdrich et al.1
▪ 21 slices on Xilinx Spartan-6
▪ 15 slices shown + 6 for control unit
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
KeyRAM256 MUX
2:1
MixCol.&
AddRndK
StateRAM256
MUX 4:1
K P
COur S-Box(4 slices)
Total design: 17 slices
1 Sasdrich, Güneysu. A grain in the silicon: SCA-protected AES in less than 30 slices. ASAP 2016
22
Embedded Security Group
Second Design:
Port smallest AES on ASICs to FPGAs
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
23
Embedded Security Group
Bitsliding Design: Jean et al, CHES 20171
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
Adapt smallest ASIC-based AES to FPGAs
1 Jean, Moradi, Peyrin, Sasdrich. Bit-sliding: A generic technique for bit-serial implementations of SPN-basedprimitives - applications to AES, PRESENT and SKINNY. CHES 2017
24
Embedded Security Group
Bitsliding Design: Jean et al, CHES 20171
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
Adapt smallest ASIC-based AES to FPGAs
1 Jean, Moradi, Peyrin, Sasdrich. Bit-sliding: A generic technique for bit-serial implementations of SPN-basedprimitives - applications to AES, PRESENT and SKINNY. CHES 2017
25
Embedded Security Group
Fully-bitserial S-box
▪ Bitserial in-/output
▪ Area: 4 slices:
16 LUTs, 16 Regs
▪ Latency: 16 Cycles
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
p2n 𝑆∗
n2p
𝑥𝑖
𝑦𝑖
1
7
8
8
17
8
8
1
8
R1
R2
26
Embedded Security Group
Bitsliding Design: Jean et al, CHES 20171
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
Adapt smallest ASIC-based AES to FPGAs
1 Jean, Moradi, Peyrin, Sasdrich. Bit-sliding: A generic technique for bit-serial implementations of SPN-basedprimitives - applications to AES, PRESENT and SKINNY. CHES 2017
27
Embedded Security Group
Bitsliding on an FPGA
▪ 4 LUTs as 32-bit shift registers
▪ Shiftrows:
32 cycles
▪ Mixcolumns:
32 cycles
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
1 slice
4 LUTs
2 slices
6 LUTs, 4 FFTotal design: 63 LUTs
28
Embedded Security Group
Comparison
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
Design # LUTs # Flipflops # Slices #Clockcyc. Max. Freq.
Sasdrich et al. [SG16] 84 24 21 1471 108 Mhz
Our AES based on [SG16] 68 39 17 5538 109 Mhz
Our AES based on [JMPS17] 63 38 19 4852 155 Mhz
[SG16] Sasdrich, Güneysu. A grain in the silicon: SCA-protected AES in less than 30 slices. ASAP 2016[JMPS17] Jean, Moradi, Peyrin, Sasdrich. Bit-sliding: A generic technique for bit-serial implementationsof SPN-based primitives - applications to AES, PRESENT and SKINNY. CHES 2017
29
Embedded Security Group
Third Design:
Smallest First-order secure AES on FPGAs
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
30
Embedded Security Group
Masking
▪ Decomposition into cubic function1:𝑥−1 = 𝑥254 = 𝑥26 49
▪ Implement one coordinate of each cubic function:𝐺∗ 𝜙(𝑥) = 𝜙(𝑥26), 𝐹∗ 𝜙(𝑥) = 𝜙(𝑥49)
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
1 Moradi. Advances in Side-channel Security. 2016
31
Embedded Security Group
Masking
▪ Decomposition into cubic function1:𝑥−1 = 𝑥254 = 𝑥26 49
▪ Implement one coordinate of each cubic function:𝐺∗ 𝜙(𝑥) = 𝜙(𝑥26), 𝐹∗ 𝜙(𝑥) = 𝜙(𝑥49)
▪ Find first-order masking (CMS2):
any-order: 𝑑 + 1 input sh. / 𝑑 + 1 𝑡 output sh.
first-order: 2 input shares / 8 output shares
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
1 Moradi. Advances in Side-channel Security. 20162 Reparaz, Bilgin, Nikova, Gierlichs, Verbauwhede. Consolidating masking schemes. CRYPTO 2015
32
Embedded Security Group
Masking
▪ Decomposition into cubic function1:𝑥−1 = 𝑥254 = 𝑥26 49
▪ Implement one coordinate of each cubic function:𝐺∗ 𝜙(𝑥) = 𝜙(𝑥26), 𝐹∗ 𝜙(𝑥) = 𝜙(𝑥49)
▪ Find first-order masking (CMS2):
any-order: 𝑑 + 1 input sh. / 𝑑 + 1 𝑡 output sh.
first-order: 2 input shares / 8 output shares
Problem: How to find CMS sharing of cubic function?
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
1 Moradi. Advances in Side-channel Security. 20162 Reparaz, Bilgin, Nikova, Gierlichs, Verbauwhede. Consolidating masking schemes. CRYPTO 2015
33
Embedded Security Group
Masking
▪ Decomposition into cubic function1:𝑥−1 = 𝑥254 = 𝑥26 49
▪ Implement one coordinate of each cubic function:𝐺∗ 𝜙(𝑥) = 𝜙(𝑥26), 𝐹∗ 𝜙(𝑥) = 𝜙(𝑥49)
▪ Find first-order masking (CMS2):
any-order: d input shares / 𝑑 + 1 𝑡 output shares
first-order: 2 input shares / 8 output shares
Problem: How to find CMS sharing of cubic function?
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
1 Moradi. Advances in Side-channel Security. 20162 Reparaz, Bilgin, Nikova, Gierlichs, Verbauwhede. Consolidating masking schemes. CRYPTO 2015
Solution: Our HeuristicSplit function 𝐺 into parts: 𝐺𝐴, 𝐺𝐵 , 𝐺𝐶
2 input shares / 8 output shares each
(Details in the paper)
34
Embedded Security Group
Non-complete realization of F*/G*
▪ 18 bits of randomness / cycle
▪ Dependence on only 14 bits each reduces area
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
AAAAAA
A AAAAAAA AAAA
3
A
A
𝑟0𝐺𝐴
𝑟1𝐺𝐵
𝑟2𝐺𝐶
𝑟3𝐹 ⊕𝐺 𝐴
𝑟4𝐹 ⊕ 𝐺 𝐵
𝑟5𝐹 ⊕ 𝐺 C
3 3 3 3 3
16
⊕⊕⊕⊕
A A
AA
⊕⊕⊕⊕
⊕⊕
𝑠𝑒𝑙𝑠𝑒𝑙
𝑦1 𝑦0
4
14 14 14 14 14 14
4 4 4 4 4 4 4 4 4 4 4
66 6 6 6 6 6 6
data
flow
size: 144 LUTs, 48 Regs
35
Embedded Security Group
Two-share S-box
▪ First-order securedesign
▪ Clear register to F*/G* on negative edge
▪ Area: 182 LUTs, 96 Reg
▪ Latency: 26 cycles
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
p2np2np2n
𝑭∗/ 𝑮∗
𝒙𝒊
𝒚𝒊
2
2
14
16
16
2
16
p2nn2p
14
16
16
2
𝑠𝑒𝑙
R1
R2
𝑐𝑙𝑘CLR
16
36
Embedded Security Group
SCA Evaluation: Moments-Correlating DPA
Measurement Setup:– Sakura-G platform
– Oscilloscope: 625 MS/s
– Target: 6 MHz
– Additional AC amplifier
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
PRNG off, 1. order, 10 k traces
37
Embedded Security Group
SCA Evaluation: Moments-Correlating DPA
Measurement Setup:– Sakura-G platform
– Oscilloscope: 625 MS/s
– Target: 6 MHz
– Additional AC amplifier
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
PRNG off, 1. order, 10 k traces
PRNG on, 1. order, 10 M traces
PRNG on, 2. order, 10 k traces
38
Embedded Security Group
Comparison: First-order secure Designs
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
Design # LUTs # FF # Slices #Cycles #Rand. Bits Max. Freq.
Bilgin et al. [BGN+15] 1198 611 475 246 32 127 MHz
Gross et al [GMK17] 595 734 366 246 18 103 MHz
Cnudde et al [CRB+16] 1191 642 553 275 54 181 MHz
This work 293 124 162 6852 18 103 MHz
[BGN+15] Bilgin, Gierlichs, Nikova, Nikov, Rijmen. Trade-offs for threshold implementations illustrated on AES. IEEE TCAD 2015.[GMK17] Groß, Mangard, Korak. An efficient side-channel protected AES implementation with arbitraryprotection order. CT-RSA 2017[CRB+16] De Cnudde, Reparaz, Bilgin, Nikova, Nikov, Rijmen. Masking AES with d+1 shares in hardware. CHES 2016
39
Embedded Security Group
Summary
This presentation:
▪ New size-record for FPGA-specific AES
▪ Smallest first-order secure AES on FPGA devices
Further contributions in the paper:
▪ Latency optimizations for the Sasdrich et al. design
▪ New heuristic to mask Boolean functions with d + 1 Shares
CHES 2018| Amsterdam | 12.09.2018 Felix Wegener
top related