Journal: Emerging and Selected Topics in Circuits and Systems, IEEE Journal on

A Performance and Area Efficient ASIP for Higher-Order DPA-Resistant AES


Abstract

Masking is a common method used in embedded systems to prevent differential power analysis (DPA) attacks. However, first-order masking cannot prevent higher-order DPA attacks. To enhance security, higher-order masking should be implemented. Hardware-accelerator-based higher-order masking has higher performance, but it consumes a large area. General purpose processor (GPP) based higher-order masking is area-efficient, but it is unable to meet performance requirements. To handle this problem, we propose a novel higher-order DPA-resistant ASIP. We develop three performance- and area-efficient methods to extend the instruction set for a 32-bit LEON3 processor, with the goal of reducing execution cycles and code size. First, we reorder the execution sequence of SubBytes and ShiftRows. We partition the new critical path, the masked SubBytes followed by the masked MixColumns, and transform computations from $GF(2^8)$ to $GF(2^4)^2$, which efficiently reduces the area. We reuse our previous technique, which moved the map and the inverse map functions outside the AES round. Second, we develop an algorithm to search for an optimal transformation matrix of the map function to reduce the critical path of the masked MixColumns. Third, we reuse the first-order masked SubBytes for the higher-order masked SubBytes to optimize area without compromising performance. The experimental results show that our third-order masking design reduces execution cycles by around 8/9 compared with the GPP-based reference design and reduces area by 70.5% compared with the hardware-accelerator-based reference design. We have realized a highly secure ASIP with third-order masking that dramatically reduces execution cycles from 197–470 K to only 3.3 K compared with state-of-the-art software implementations.
