High Speed ASIC Implementations of Leakage-Resilient Cryptography


Embedded devices in the Internet-ofThings require encryption functionalities to secure their communication. However, side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. While state-of-the-art countermeasures like masking slow down the performance and can only prevent DPA up to a certain order, leakage-resilient schemes are designed to stay secure even in the presence of side-channel leakage. Although several leakageresilient schemes have been proposed, there are no hardware implementations to demonstrate their practicality and performance on measurable silicon. In this work, we present an ASIC implementation of a multi-core System-on-Chip extended with a softwareprogrammable accelerator for leakage-resilient cryptography. The accelerator is deeply embedded in the shared memory architecture of the many-core system, supports different configurations, contains a highthroughput implementation of the 2PRG primitive based on AES-128, offers two side-channel protected rekeying functions, and is the first fabricated design of the side-channel secure authenticated encryption scheme ISAP. The accelerator reaches a maximum throughput of 7.49 Gbit/s and a best-case energy efficiency of 137 Gbit/s/W making this accelerator suitable for highspeed secure IoT applications.

Design, Automation & Test in Europe Conference & Exhibition
Robert Schilling
Robert Schilling
Security Architect

My research interests include the hardware-software codesign to protect software against fault attacks.