A double-width algorithmic balancing to prevent power analysis Side Channel Attacks in AES

摘要

Advanced Encryption Standard (AES) is one of the most widely used cryptographic algorithms in embedded systems, and is deployed in smart cards, mobile phones and wireless applications. Researchers have found various techniques to attack the encrypted data or the secret key using Side Channel information (execution time, power variations, electro migration, sound, etc.). Power analysis attack is most prevalent out of all Side Channel Attacks (SCAs), the popular being the Differential Power Analysis (DPA). Balancing of signal transitions is one of the methods by which a countermeasure is implemented. Existing balancing solutions to counter power analysis attacks are either costly in terms of power and area or involve much complexity, hence lacks practicality. This paper for the first time proposes a double-width single core (earlier methods used two separate cores)processor algorithmic balancing to obfuscate power variations resulting in a DPA resistant system. The countermeasure only includes code/algorithmic modifications, hence can be easily deployed in any embedded system with a 16 bits bitwidth (or wider) processor. A DPA attack is demonstrated on the Double Width Single Core (DWSC) solution. The attack proved unsuccessful in finding the correct secret key. The instruction memory size overhead is only 16.6% while data memory increases by 15.8%.