dc.description.abstract |
Security at low cost is an important factor for cryptographic hardware implementations.
Unfortunately, the security of cryptographic implementations is threatened by Side
Channel Analysis (SCA). SCA attempts to discover the secret key of a device by exploiting
implementation characteristics and bypassing the algorithm’s mathematical security.
Differential Power Analysis (DPA) is a type of SCA that exploits the device’s power consumption
characteristics. Several countermeasures to DPA have been proposed; however,
all of them increase security at the cost of increased area, which in turn leads to increased
power consumption and reduced throughput.
FPGAs are popular due to their reconfigurability, lower development cost, off-the-shelf
availability and shorter time to market. Block RAMs are large memories in FPGAs that
are commonly used as ROMs, FIFOs, look-up tables, etc. In this paper, we explore the DPA
resistance of Block RAMs and verify whether their usage can improve the security of block ciphers
such as the Advanced Encryption Standard (AES). We implemented a small test circuit
composed of elements from AES on a Xilinx Spartan 3E FPGA and discovered that moving
essential parts of AES from look-up tables (LUTs) and distributed RAMs to Block RAMs
yields about a 26 times increase in DPA resistance without any increase in the area. On the
contrary, it reduces the LUT-based area consumption by a factor of 4 and increases speed 1.4
times. Subsequently, the same techniques, when applied to a standard S-Box and a T-Box
implementation of AES, showed similar results. The security increased about 9 times, slice
area was reduced about 4 times and speed increased about 1.18 times. |
|