The Design Of Reconfigurable AES/SM4 IP Core Against Side-Channel Attack

With the wide application of cryptographic algorithms,the research on side-channel attack(SCA)and resistance countermeasures is the main research direction in the field of information security.AES algorithm and SM4 algorithm respectively as the international and Chinese symmetric encryption standard,have been widely used in various security fields.At present,most cipher chips integrate AES and SM4 IP cores,but they are independent,so those chips are not conducive to be used in the wireless sensor network and radio frequency identification and other resources limited applications.Therefore,it is important to design a reconfigurable AES/SM4 IP core with small area,low power consumption and SCA-resistance for cipher chips.This thesis focuses on the study of a reconfigurable AES/SM4 IP core with SCA-resistance.Firstly,according to the characteristics of AES algorithm and SM4 algorithm,the reconfigurable design scheme of the AES/SM4 encryption circuit is proposed.The optimization design of reconfigurable Sbox(R-Sbox)is studied in detail.Based on genetic algorithm and delay-aware common subexpression elimination,a joint optimization method is proposed to realize reconfigurable AES/SM4 encryption circuit(R-AES/SM4)with small area and low power consumption.Secondly,the R-AES/SM4 is effectively attacked by differential power attack(DPA)and differential fault attack(DFA),which provides the verify foundation for the R-AES/SM4 with SCA-resistance.Thirdly,for resisting DPA,random masking method is used to design the circuit structures of masked R-Sbox,masked mixcolumns,masked linear transformation,whole masked reconfigurable key expansion and mask correction modules,and then the whole masked reconfigurable AES/SM4 encryption circuit(WM-RAES/SM4)is implemented.Finally,in order to resist DFA,based on error detection mechanism,the circuit structure of R-Sbox is modified,and the error detection units of R-Sbox and reconfigurable round transformation is designed,thus the R-AES/SM4 with DFA-resistance is realized.In the SMIC 0.18?m library,the R-AES/SM4 is synthesized.Under the working frequency of 100 MHz,the circuit covers an area of 219482.53?m2 and the power consumption is 9.0383 mW,saving 5.22% and 23.32% compared with AES and SM4 encryption circuits,respectively.Based on DPA platform,the WM-RAES/SM4 is attacked and the correct key can not be carried.Experimental results show that the WM-RAES/SM4 can resist DPA successfully.The security of R-Sbox and R-AES/SM4 with error detection capability is verified by simulating random injection errors.