Circuits and design techniques for secure ICs resistant to side-channel attacks

Integrated circuits used for security applications, such as smart-cards, leak information. The key or other sensitive information, can be guessed by monitoring the execution time, the power variation and/or the electromagnetic radiation of the integrated circuit. This class of so-called side-channel attacks doesn't need expensive equipment or intrusive monitoring to be effective. We have shown that we can obtain the secret key out of a regular standard CMOS implementation of the AES encryption algorithm by monitoring the power consumption of only 2000 encryptions. This is orders of magnitude lower than the mathematical security of 2128 possible encryption keys to break the algorithm. The root cause of this problem is that standard CMOS is power efficient and it will only consume dynamic power when nodes are switching. Mathematical solutions have been proposed that include randomization and masking techniques. Our original approach is that we address the problem at circuit level. Instead of a full custom layout, a few key modifications are incorporated in a regular synchronous CMOS standard cell design flow. We will present the basis for side-channel attack resistance and adjust the library databases and constraint files of the synthesis and place & route procedures. We will show the measurement results on two functionally identical co-processors which were fabricated using a TSMC 6M 0.18 mu m CMOS. We will also discuss issues of side-channel resistance when implementing ICs in future technologies.