Design And Research Of AES Hardware For Anti - Side Signal Attack

AES is a widely used private cryptography algorithm now and the Side-channel analysis (SCA) is a very effective attack method for the private cryptography system. The SCA is an attack method which takes advantage of the correlation of the inner data in the system and the side-channel information. The author aims to design an AES hardware system which has countermeasures to the SCA.The author designed an AES circuit with no security consideration which works over three different key lengths. Using this system designed as the attack target, we mainly sampled the side-channel information and implement three different SCA methods (Differential power analysis, Differential fault analysis and Template attack) to attack the AES system successfully. Firstly, the author creatively developed a new differential power analysis based on the Hamming distance and focus on the combination of two bytes which indicates that the attacker can obtain16bits of key after only one attacking process. Secondly, the author proposed a more effective differential fault attack method to get the private key of the AES system with limited number of fault injections and without any knowledge of the actual key length of the system, moreover, the number of the fault injection is decreased and the station of fault injection has been expanded into multi-byte. Finally, the totally new template attack schedule and algorithm was turn out to be a very effective attack method. This new attack schedule and two preprocessing algorithm can decrease the computation complexity and the memory usage.In order to having resistance to the three main SCA methods, the author proposed some countermeasures to the initial design of AES. The masking structure was designed to decrease the correlation of intermediate data and the side-channel information and protect the AES system from getting access to the key with differential power analysis. The main protection module is the design of SBOX function. The author not only implemented the latest research results about the secure design of AES SBOX but also proposed a totally new implementation based on FFT. In order to protect the system from differential fault attack the author added the double check and the error propagation strategy to the system architecture. The author also studied the latest research about how to make the template attack more difficult and improve the security of our design. Finally, after the countermeasure design, we impacted the three main SCA methods to our design with countermeasures to verify the efficiency of the countermeasure design.This thesis mainly concludes six chapters. The first chapter is the brief introduction of the background of security circuits design. The second chapter shows some basic background of AES algorithm related. The third chapter is about the ASIC design of AES without any countermeasures. The fourth chapter mainly demonstrates the three main SCA methods, their algorithms and the attacking results. The fifth chapter is the design with countermeasure and the verifying of our security circuits. Finally we will show some future work and further development in this field.