Software Protection Against Side Channel Analysis Through a Hardware Level Power Difference Eliminating Mask


Posted: February 10, 2016 | By: Capt John R. Bochert

V. Conclusions

In this research using the AES encryption in a JOP, we found that implementing a masked cache did not yield a statistical increase in security while implementing a masked RAM did have a measureable difference in security. The masked RAM with a 95% confidence interval showed that the increase in security (as shown by the number of traces required to find the correct key) was between 31% to 87%. This increase in security as compared to the same method applied to the cache with no increase is due largely to the fact that the RAM uses greater power than the registers and cache and leaks more information. Thus protecting this portion of the JOP has a greater effect than the protected cache did. However, masking RAM incurs a significant penalty in performance and requires additional RAM blocks to implement.

The lack of security increase for the protected cache was that the on-chip registers were not protected and leaked as much information as the cache did, thus the increase in security due to the protected cache was negligible. To correct this problem, the underlying data structure of the JOP would need to be changed. Currently the JOP employs a Von Neumann architecture where both the instructions and the data are both saved in the same memory. If the JOP structure was instead changed to a Harvard Architecture, where the instructions and data are saved in two different locations, it would be possible to split the data values and save them split in the double RAM, and keep them split as they move through the JOP all the way to the execute phase of the CPU when they would be “reassembled” as they’re being used for calculations. This is not currently feasible in the JOP because when a value is read from the RAM, instructions and data are indistinguishable and obfuscating instructions would require significant changes to the decoding stage. Changing the underlying architecture could reasonably increase the protection of the JOP several orders of magnitude, making the JOP 100 or 1000 times more secure.



The views expressed in this paper are those of the authors and do not reflect the official policy or position of the United States Air Force, the Department of Defense, or the U.S. Government.


FIPS 197, “Federal Information Processing Standards Publication 197 : Announcing the Advanced Encryption Standard (AES),” National Institute of Standards and Technology (NIST), November 26, 2001.

Alam, M., Golsh, S., Mohan, M.J., Mukhopadhyay, D., Chowdhury D.R., and Gupta I.S., “Effect of Glitches against Masked AES S-box Implementation and Countermeasure,” IET Information Security, 1 Oct, 2008.

Anderson, R., Bond, M., Clulow, J., and Skorobogatov, S., “Cryptographic Processors – A Survey,” University of Cambridge Computer Laboratory Technical Report UCAM-CL-TR-641, ISSN 1476-2986, 94(2), February 2006.

Aumonier, S., “Generalized Correlation Power Analysis,” Oberthur Card Systems SA, 2007.

Chari, S., Jutla, C.S., Rao, J.R., and Rohatgi P., “Towards sound approaches to counteract power-analysis attacks,” Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO ’99) Springer-Verlag, 398–412, 1999.

Clavier, C., Coron, J.S., and Dabbous, N., “Differential power analysis in the presence of hardware countermeasures,” Lectures Notes in Computer Science, 1965:252–263, 2000.

Kocher, P., Jaffee, J., and Jun, B, “Differential Power Analysis,” Lecture Notes in Computer Science, CRYPTO 1999; 1666:388–397, 1999.

Lu, Y., O’Neill, M. P., and McCanny J.V., “FPGA Implementation and Analysis of Random Delay Insertion Countermeasure against DPA,” ICECE Technology, FPT 2008 International Conference, Dec 2008.

Mangard, S., Popp, T., and Gammel B.M., “Side Channel Leakage of Masked CMOS Gates,” CT-RSA 2005, The Cryptographers’ Track at the RSA Conference, 3376:351–365, 2005.

Messerges, T.S., Dabbish, E.A. and Sloan, R.H., “Examining Smart- Card Security under the Threat of Power Analysis Attacks,” IEEE Transactions on Computers, 51(5), May 2002.

Nohl, K., Evans, D., Starbug, and Plotz H., “Reverse-Engineering a Cryptographic RFID Tag,” USENIX Security Symposium, Jul 2008.

Prouff, E., Matthiew, R., and Bevan R., “Statistical Analysis of Second Order Differential Power Analysis,” Transactions on Computers, 58(6), June 2009.

Schoeberl, M., “Java Optimized Processor,”

Sundaresan, V., Srividhya, R., and Vermuri R., “Defense against Side-Channel Power Analysis Attacks on Microelectronics Systems,” Aerospace and Electronics Conference, 2008. NAECON 2008. IEEE National,  2008.

Suzuki, D., Saeki, M., and Ichikawa, T., “Random Switching logic: A New Countermeasure against DPA and Second-Order DPA at the logic level,” IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, E90-A(1):160–168, 2007.

Popp, T., Oswald, E., and Mangard, S., “Power Analysis Attacks and Countermeasures,” IEEE Design and Test of Computers, 535–543, 2007.

Tiri, K., Akmal, M., and Verbauwhede, I., “A Dynamic and Differential CMOS Logic with Signal Independent Power Consumption to Withstand Differential Power Analysis on Smart Cards,” Proc. of European Solid State Circuits Conference (ISSCIRC 2002), 403–406, 2002.

Trichina, E. “Combinational logic design for AES subbyte transformation on masked data,” Cryptology e-print archive: Report 2003/236, IACR, Nov 2003.

Yang, S., Wolf, W., Vijaykrishnan, N., Serpanos, D.N., and Xie, Y., “Power Attack Resistant Cryptosystem Design: A Dynamic Voltage and Frequency Switching Approach,” Proc. of Design Automation and Test in Europe Conference (DATA 2005), 351–365, 2005.

Want to find out more about this topic?

Request a FREE Technical Inquiry!