ACI “Sécurité Informatique” MARS
Matériel Robuste pour Systèmes Sûrs
Project Meeting
12th September 2005, 15:00 – 18:30
TIMA Laboratory, 46 Avenue Felix Viallet, 38031 Grenoble Cedex.
Sylvain GUILLEY, <sylvain.guilley@enst.fr>

Outline
- General information
- Project status
- Debriefing: IOLTS (July 6-8, 2005), CHES (Aug 29-Sept 1st, 2005), FDTC (Sept 2, 2005), ESSCIRC (Sept 13-16, 2005)
- Power analysis at various abstraction levels
- RSA modules
- Prototype ASIC: towards specifications

General information
- PaRISTIC: Panorama des Recherches Incitatives en STIC
  - 21, 22, 23 November 2005 at LaBRI, Bordeaux
  - Gathers feedback from the « Masse de Données », « Sécurité et Informatique », « Grid’5000 » and « IMPBio » projects
  - http://paristic.labri.fr/
- MARS project first anniversary
  - A document that summarizes the current results is to be written
  - Project website updated with published papers: http://www.comelec.enst.fr/recherche/mars/realizations.php

Project status
On-going tasks:
Started tasks:
- Preliminary comparative study of SCA and FA counter-measures
- Development of CAD tools/libraries
- FPGA-based cross-evaluation of existing counter-measures
- Definition of new counter-measures targeting both SCA and FA
Started tasks:
- Publication and diffusion of the results

Debriefing of past conferences
- IOLTS: IEEE International On-Line Testing Symposium
- CHES: Cryptographic Hardware and Embedded Systems
- FDTC: Workshop on Fault Diagnosis and Tolerance in Cryptography
- ESSCIRC: European Solid-State CIRCuit Conference

Power analysis at various abstraction levels
- A general dissipation model: both power and EMI
- Accurate enough to model DPA: it is a second order attack!
- Validated in silico:
  - simple design to set up (e.g. a register bank + an SBox)
  - electrical model of: the (active) probing system, the acquisition equipment
- A priori, no need to know anything about: the bonding, the pads
- A methodology to abstract the measurements:
  - continuity from measurements to simulations,
  - on netlists or on behavioral (abstract) hardware description

RSA modules
- Candidate, along with DES, to be embedded in the prototype ASIC (see next slide)
- SCA-proof:
  - Timing attack impossible because the execution is in constant time (MMM virtue)
  - Ad hoc (e.g. Montgomery ladder exponentiation) counter-measure against SPA
  - Masking against DPA
- Fault resistant:
  - Error detection in registers and/or
  - Proof by 2^m-1
- Open issues:
  - Is masking really efficient against DPA?
  - What about malevolently induced glitches?
- Two architectures (ENST & TIMA), with the same capabilities and the same interface, in the same ASIC.

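Added example (not from the slides or from the MARS project): a Python model of the operation sequence an SPA observer sees for plain square-and-multiply versus the Montgomery ladder named above. The function names, the "S"/"M" trace encoding and the toy RSA values are assumptions made for illustration.

```python
# Illustration only: models the *sequence* of modular operations, which is
# what simple power analysis (SPA) reads off a trace. It is not a
# constant-time software implementation; in hardware both ladder
# operations are executed on every iteration regardless of the bit.

def square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation. Returns (result, op trace)."""
    acc, trace = 1 % mod, []
    for bit in bin(exp)[2:]:
        acc = acc * acc % mod
        trace.append("S")
        if bit == "1":                 # extra multiply only for 1-bits
            acc = acc * base % mod
            trace.append("M")
    return acc, "".join(trace)

def montgomery_ladder(base, exp, mod):
    """Montgomery ladder: one multiply and one square per exponent bit."""
    r0, r1, trace = 1 % mod, base % mod, []   # invariant: r1 == r0 * base
    for bit in bin(exp)[2:]:
        if bit == "1":
            r0, r1 = r0 * r1 % mod, r1 * r1 % mod
        else:
            r0, r1 = r0 * r0 % mod, r0 * r1 % mod
        trace.append("MS")             # same pattern whatever the bit is
    return r0, "".join(trace)

def exponent_from_trace(trace):
    """What the irregular trace gives away: 'SM' encodes 1, lone 'S' encodes 0."""
    return int(trace.replace("SM", "1").replace("S", "0"), 2)

if __name__ == "__main__":
    n, d, c = 3233, 2753, 855          # constructed toy RSA values
    plain, leaky = square_and_multiply(c, d, n)
    laddered, regular = montgomery_ladder(c, d, n)
    print("results agree:", plain == laddered == pow(c, d, n))
    print("square-and-multiply trace:", leaky)
    print("exponent read from it    :", exponent_from_trace(leaky))
    print("ladder trace             :", regular)
```

The ladder trace depends only on the bit length of the exponent, so two exponents of equal length are indistinguishable at this level; DPA and fault attacks are outside what this model shows.
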
Prototype ASIC: towards specifications
- « SECMAT V1.0 » is up-and-running
- The SoC architecture is flexible:
  - « plug & play » modules addition
  - standardized interface (A-VCI)
  - wrappers already written and validated for block-processing modules
- What is a typical module?
  - Has an embedded RAM
  - START / EOC simple control (more elaborate commands can be devised)
  - Signals the EOC by an interrupt
- Hardware constraints
  - RAM size: a few kbytes is OK
  - Logic: 0.25 mm² in HCMOS9GP is probably the max affordable
- Special requirements for testing / dependability evaluation?