Security Evaluations of MRSL and DRSL Considering Signal Delays

Minoru SAEKI  Daisuke SUZUKI  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E91-A   No.1   pp.176-183
Publication Date: 2008/01/01
Online ISSN: 1745-1337
DOI: 10.1093/ietfec/e91-a.1.176
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Side Channel Attacks
DPA,  data masking,  dual-rail circuit,  countermeasure,  hardware,  RSL,  MRSL,  DRSL,  

Full Text: PDF>>
Buy this Article

In recent years, some countermeasures have been proposed against differential power analysis (DPA) at the basic composition element level of logic circuits. We propose a countermeasure named random switching logic (RSL). RSL involves computation with data masking using a single logic gate and suppression of transient transitions using ENABLE signals generated independently of input data. Recently, some countermeasures that were proposed against DPA, such as MRSL and DRSL, adopted the concept of RSL. Although MRSL is based on RSL, it uses a different method to suppress the transient transitions. DRSL uses RSL to avoid the possibility of leakage caused by a difference in delays occurring in MDPL that combines dual-rail circuits with random masking. The important difference between these countermeasures and RSL is that they can vary the output transition timing depending on the input data patterns. In this paper, we focus on this feature to evaluate the DPA resistance of MRSL and DRSL. Experiments are also conducted on DPA resistance by using an FPGA to verify the evaluation results. It is confirmed that in both MRSL and DRSL, there is a possibility of leakage if a sufficient difference in delays exists in input signals.