Research On Key Techniques Of Design And Implementation Of Power Analysis Resistant Secure SoC

Secure SoC (System on Chip) plays an important role in many applications. The function of secure SoC includes the protection and secure storage of private data, encryption/decryption, digital signature and verification, identity authentication etc. Secure SoC is always the key of security control or the root of trust. So the security of a secure SoC itself is the key to establish an information system with high dependability. To obtain illegal interest, some vicious entities or individuals may attempt to break the secure SoCs. The commonly used techniques to break a secure SoC include software attack, side-channel attack and physical attack. Side-channel attack, especially power analysis attack, is a very efficient method to break the private keys using the implementing weakness of a secure SoC. So the key techniques of power analysis resistant implementation of cryptographic devices in the secure SoC are the main target of this thesis. The research of this thesis includes the following three parts; the first one is the aided design method to implement power analysis resistant cryptographic devices, the second one is novel countermeasures for different cryptographic algorithms, and the last one is the design method of security oriented SoC and implementation of a secure SoC prototype.Primary innovation works of this thesis can be summarized as follows.(1) The technique to identify feasible power analysis attacks in the implementation of cryptographic devices is presented. This is equivalent to perform qualitative analysis of the cryptographic device's resistibility against power analysis attack. The identifying method includes three parts, the basic theory to identify feasible attacks, the enhanced data dependence graph to describe the implementation, and the algorithm to identify different kinds of attacks. The results of identified attacks are valuable guidance for designers to choose appropriate countermeasures while designing and implementing power analysis resistant cryptographic device. Besides, this technique lays the foundation of the EDA tools for the aided design of power analysis resistant cryptographic device.(2) The technique to perform quantitative analysis of the cryptographic device's resistibility against power analysis attack is presented. The number of power trace measurements needed to perform a power analysis attack successfully is used to express the quantitative resistibility. And the number of samples is computed based on the signal-to-noise ratio of the corresponding power analysis attack. The technique of power trace simulations at multiple levels including RTL, synthesized and Placement & routing, is proposed. With the qualitative analysis and quantitative analysis of the resistibility against power analysis attack, a designer can implement a power analysis resistant cryptographic device efficiently.(3) The AES implementation secure against high-order power analysis attack based on random masking is presented. This countermeasure aims to eliminate the feasible leaks which can be used to perform power analysis attacks. Several fine grained masked operations are defined. And all the transformations in AES are transferred to the sequence of the pre-defined masked operations. All the intermediate results are masked by different random values. Combined with randomized execution of the fine grained operations sequence, it is proven that the proposed countermeasure is secure against high-order power analysis attack. This countermeasure not only can be implemented as software or hardware blocks completely, but also can be implemented as software-hardware hybrid block.(4) Three kinds of different countermeasures which aim to increase the difficulty of performing power analysis attack to an extremely large degree are presented. The first one is the implementation of block cipher coprocessor based on WDDL and wave-pipelining. A WDDL circuit can achieve nearly constant power consumption which is independent with the input signals. And wave-pipelining is an advanced technique which achieves extremely high performance. Block cipher coprocessor based on WDDL and wave-pipelining not only prevent power analysis attack effectively, but also achieves high performance and low power consumption. The second one is the countermeasure based on chaotic noise. Since the extremely high complexity and unpredictable nature of chaos, chaotic power noise is generated to mask the power trace of cryptographic device. This technique is suited for protecting multiple cryptographic blocks in a secure SoC. And it is unrelated to the implementation details of a cryptographic device. The third one is the implementation of RSA and ECC based on fine grained operation schedule. The large number modular exponentiation and elliptic curve scalar multiplication which are the key operations of RSA and ECC are transferred to the randomized sequence of fine grained operations. By inserting invalid operations with configurable amount, fine compromise is achieved between performance and the resistibility against power analysis attack.(5) The key technique of security oriented SoC design is presented. With the hierarchical platform based SoC design methodology, the hierarchical secure SoC platform based on the architecture of trusted computing is constructed. Independent constraints of security are introduced to the design and implementation of secure SoC. And the transmission and validation of the security constraints are presented. The security constraints and validation include two sides, i.e., the ability to resist software attack and side-channel attack. The presented design method not only reuses the existing design resources to a large degree, but also reuses the existing platform based SoC design technique and aided design environment.