Open AccessCircuit-Variant Moving Target Defense for Side-Channel Attacks
Author(s) -
Tristen Mullins,
Brandon Baggett,
Todd R. Andel,
Todd McDonald
Publication year - 2022
Publication title -
proceedings of the ... international conference on information warfare and security/the proceedings of the ... international conference on information warfare and security
Language(s) - English
Resource type - Journals
eISSN - 2048-9889
pISSN - 2048-9870
DOI - 10.34190/iccws.17.1.14
Subject(s) - power analysis , computer science , side channel attack , encryption , plaintext , key (lock) , cryptography , advanced encryption standard , secrecy , key generation , embedded system , computer security
The security of cryptosystems involves preventing an attacker's ability to obtain information about plaintext. Traditionally, this has been done by prioritizing secrecy of the key through complex key selection and secure key exchange. With the emergence of side-channel analysis (SCA) attacks, bits of a secret key may be derived by correlating key values with physical properties of cryptographic process execution. Information such as power consumption and electromagnetic (EM) radiation side-channel properties can be observed during encryption or decryption. These signals reflect data-dependent system behaviours that may reveal secret key information. Power and EM SCA attacks require several measurements of the target process to amplify the signal of interest, filter out noise, and derive the secret key through statistical analysis methods. Differential power and EM analysis attacks rely on correlating actual side-channel measurements to hypothetical models. The goal of this research is to increase the complexity of both power and EM SCA by introducing structural and spatial randomization of the target hardware. We propose a System-on-a-Chip (SOC) countermeasure that will periodically reconfigure an AES scheme using randomly located S-box circuit variants. We hypothesize that changing the location of the target modules between encryption runs will result in a nonconstant EM signal strength for any given point on the chip, increasing the number of traces needed to perform a localized EM SCA attack. Further, each of the S-box circuit variants will consist of functionally equivalent, structurally diverse hardware. By diversifying the implementations at the gate-level, we aim to vary the power behaviour observed by the attacker and disrupt the correlation between the hypothetical and actual power consumption, increasing the complexity of power SCA. This moving target defense aims to disrupt side-channel collection and correlation needed to successfully implement an attack.