An Investigation into the Security of Self-timed Circuits
Zhongchuan Yu
Abstract
The Differential Power Analysis (DPA) attack poses a great threat to the security of cryptosystems such as smartcards. Asynchronous design has the potenetial to improve the resistance to such attacks, and to other non-invasive attacks. The self-timed ARM compatible SPA processor designed at Manchester aims to demonstrate these advantages for secure applications. The security evaluation of self-timed circuits becomes a crucial design task in demonstrating that the security has, indeed, been enhanced by these techniques.
This thesis introduces a methodology suitable for asynchronous power analysis which copes with the lack of timing reference and other difficulties that do not affect the analysis for synchronous systems. Investigations into the security properties of asynchronous logic using this methodology are then presented.
As the Linear Feedback Shift Register (LFSR) is commonly used in cryptosystems, then the LFSR was taken as a small example to demonstrate how self-timed circuits and dual-rail encoding can improve security. Six LFSRs were implemented using different design technologies with the objective to evaluate the impact on security of those technologies. This experiment offers an opportunity to understand the fundamental difference in power consumption characteristics between synchronous circuits and asynchronous circuits.
An investigation is also presented into the security of the SPA processor using both extracted layout simulation and silicon chip measurement. The power consumption of a single-rail and a dual-rail self-timed processor are analyzed and the security impact of using a novel, secure latch is also investigated. Finally, side-channel leakage from a DES encryption algorithm running on the SPA chip is analyzed to expand the investigations.
Together, the research demonstrates how to perform differential power analysis attacks on asynchronous circuits. The results reveal that the security of single-rail self-timed circuits is inadequate and that dual-rail self-timed circuits have high resistance to differential power analysis attacks. In particular, the work shows that secure latches make a vital contribution to the security of self-timed circuits.