ches tutorial
play

CHES Tutorial Cryptographic hardware: how to make it cool, fast and - PDF document

Nov 01, 2023 •279 likes •826 views

9/9/2012 CHES Tutorial Cryptographic hardware: how to make it cool, fast and secure Junfeng Fan KULeuven, ESAT/SCD-COSIC CHES 2012 Crypto hardware 9/9/2012 CHES Tutorial: Crypto hardware design 3 1 9/9/2012 Smart card SoC (NXP P60C080)

  1. 9/9/2012 CHES Tutorial Cryptographic hardware: how to make it cool, fast and secure Junfeng Fan KULeuven, ESAT/SCD-COSIC CHES 2012 Crypto hardware 9/9/2012 CHES Tutorial: Crypto hardware design 3 1

  2. 9/9/2012 Smart card SoC (NXP P60C080) 9/9/2012 CHES Tutorial: Crypto hardware design 4 Smart phone SoC (Texas Instrument OMAP4470) 9/9/2012 CHES Tutorial: Crypto hardware design 5 2

  3. 9/9/2012 Design target  Efficient, lightweight implementation – Within power, area, timing budgets Public key: 1024 bits RSA on 8 bit m C   Public key on a passive RFID tag  Trustworthy implementation – Resistant to attacks  Active attacks: probing, power glitches, JTAG scan chain  Passive attacks: side channel attacks, including power, timing and electromagnetic leaks 9/9/2012 CHES Tutorial: Crypto hardware design 6 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Outline I. Introduction II. Building III.  ASIC Blocks Optimization  FPGA IV.  Design flow Physical  AES  Area  RSA/ECC Security  Speed  Power  Passive  Active 9/9/2012 CHES Tutorial: Crypto hardware design 7 3

  4. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Part I: Introduction to hardware design  ASIC  FPGA  Design Flow 9/9/2012 CHES Tutorial: Crypto hardware design 8 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary ASIC Design Flow System Specification Architectural Design Verilog VHDL RTL Design Synthesis Physical Design Physical Verification DRC LVS ERC Fabrication Packaging and Testing Chip Chip [Source: Andrew B. Kahng et al.] 9/9/2012 CHES Tutorial: Crypto hardware design 9 4

  5. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Standard Cells  Common Logic Gates INV NAND NOR IN OUT IN1 IN2 OUT IN1 IN2 OUT 0 1 0 0 1 0 0 1 1 0 1 0 1 1 0 0 1 0 0 1 1 0 1 0 1 1 1 1 0 1 1 0 9/9/2012 CHES Tutorial: Crypto hardware design 10 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Vdd Contact NAND Metal layer Vdd IN2 Poly layer IN2 IN1 OUT Diffusion layer OUT IN1 p-type transistor n-type GND transistor GND IN1 OUT IN2 Power (Vdd)-Rail Ground (GND)-Rail [source: Andrew B. Kahng et al.] 11 9/9/2012 CHES Tutorial: Crypto hardware design 11 5

  6. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary SRAM bitline conditioning wordlines bitlines row decoder memory cells: 2 n-k rows x 2 m+k columns bit bit_b word n-k column k circuitry n column decoder 2 m bits 6T Cell [Source: Adnan Aziz] 9/9/2012 CHES Tutorial: Crypto hardware design 12 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Critical Path Delay CLK DFF DFF DFF Combinational Combinational D_in D_out Logic 1 Logic 2 Delay_1 Delay_2 CLK Clock Period 9/9/2012 CHES Tutorial: Crypto hardware design 13 6

  7. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Register balancing CLK DFF DFF DFF Combinational Combinational D_out D_in Logic 1 Logic 2 Delay_1 Delay_2 = Delay_1 CLK Clock Period 9/9/2012 CHES Tutorial: Crypto hardware design 14 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Latency vs. Throughput CLK … DFF DFF DFF DFF D_in Round D_out Round Round 1 2 10 Latency: 10 Throughput: 1 Block/Cycle CLK D_in DFF DFF Round D_out Latency: 10 Throughput: 1/10 Block/Cycle 9/9/2012 CHES Tutorial: Crypto hardware design 15 7

  8. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Power and energy  Why is it important? – Limited energy – Limited power  Extremely important for crypto devices. – Source of information leakage 9/9/2012 CHES Tutorial: Crypto hardware design 16 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary CMOS dynamic power IN OUT 0-1 0 0 0 transition 0 1 discharge 1 0 charge 1 1 0 9/9/2012 CHES Tutorial: Crypto hardware design 17 8

  9. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary HW/SW codesign  Support multiple algorithms and protocols MCU ECC Exp AES … RSA1024 RSA2048 DH2048 BUS ECC160p Decoder AES128 ECC256p Register Crypto Optimal File Datapath Pairing 18 9/9/2012 CHES Tutorial: Crypto hardware design I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary FPGA SRAM A B C D A B Z 4-LUT Z C 16x1 addr D ABCD Z ABCD Z 0000 0 0000 0 0001 0 0001 1 … . … . 1101 0 1101 1 1110 0 1110 1 1111 1 1111 0 A A B B Z Z AND XOR C C D D 9/9/2012 CHES Tutorial: Crypto hardware design 19 9

  10. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary FPGA Virtex-5 SliceL 9/9/2012 CHES Tutorial: Crypto hardware design 20 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Virtex-II architecture I/O Blocks (IOBs) Block SelectRAM ™ resource Programmable interconnect Dedicated multipliers Configurable Logic Blocks (CLBs) Clock Management (DCMs, BUFGMUXes) 9/9/2012 CHES Tutorial: Crypto hardware design 21 10

  11. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Part II: Building blocks  AES Core  ECC/RSA Core 9/9/2012 CHES Tutorial: Crypto hardware design 22 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary A simplified bank system 9/9/2012 CHES Tutorial: Crypto hardware design 23 11

  12. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Sever-side specification  Platform: Xilinx Virtex-5 FPGA  Function – AES 128-bit (CTR) – RSA 1024-, 2048-, 4096-bit – ECC 160-, 192-, 256-bit, prime field  Performance – Frequency: 200 MHz – AES128 : 20Gbits/s – RSA1024 : 2000 signatures per second – ECC160 : 4000 signatures per second 9/9/2012 CHES Tutorial: Crypto hardware design 24 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Card-side specification  Platform: 130nm ASIC  Area: < 60k GE  Function  Power: < 1mW – AES 128-bit (CTR) – RSA 1024-bit – ECC 160-bit  Performance – Frequency: 5 MHz – AES128 : 1Mbits/s – RSA1024 : 5 signatures per second – ECC160: 10 signatures per second 9/9/2012 CHES Tutorial: Crypto hardware design 25 12

  13. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary Well… 9/9/2012 CHES Tutorial: Crypto hardware design 26 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary AES - Algorithm RoundKey[0] AddRoundKey i:=1  International Standard SubBytes  128/192/256-bit ShiftRows – Nr = 10, 12, 14 i++  Separate key expansion MixColumns Nr-1 RoundKey[i]  Different Enc / Dec AddRoundKey times i<Nr-1 ? SubBytes ShiftRows RoundKey[Nr] AddRoundKey 9/9/2012 CHES Tutorial: Crypto hardware design 27 13

  14. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary AES – SubBytes  Byte substitution: each byte individual  16 identical Sboxes a 0 a 4 a 8 a 12 b 0 b 4 b 8 b 12 a 1 a 5 a 9 a 13 b 1 b 5 b 9 b 13 a i b i sbox a 2 a 6 a 10 a 14 b 2 b 6 b 10 b 14 a 3 a 7 a 11 a 15 b 3 b 7 b 11 b 15 9/9/2012 CHES Tutorial: Crypto hardware design 28 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary AES - ShiftRow  ShiftRow: circularly rotate each row of state array ShiftRow a 0 a 4 a 8 a 12 b 0 b 4 b 8 b 12 a 1 a 5 a 9 a 13 b 1 b 5 b 9 b 13 a 2 a 6 a 10 a 14 b 2 b 6 b 10 b 14 a 3 a 7 a 11 a 15 b 3 b 7 b 11 b 15 9/9/2012 CHES Tutorial: Crypto hardware design 29 14

  15. 9/9/2012 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary AES - MixColumn  matrix multiplication of state array columns – multiply with constant entries a 0 a 4 a 8 a 12 a i b 0 b 4 b 8 b 12 b i 2 3 1 1 a i+1 a 1 a 5 a 9 a 13 b 1 b 5 b 9 b 13 b i+1 1 2 3 1 = a i+2 a 2 a 6 a 10 a 14 b 2 b 6 b 10 b 14 b i+2 1 1 2 3 a i+3 a 3 a 7 a 11 a 15 b i+3 3 1 1 2 b 3 b 7 b 11 b 15 3 x a 7 a 6 a 5 a 4 a 3 a 2 a 1 a 0 2 x a 6 a 5 a 4 a 3 a 2 a 1 a 0 0 a 6 a 5 a 4 a 3 a 2 a 1 a 0 0 0 0 0 a 7 a 7 0 a 7 a 7 0 0 0 a 7 a 7 0 a 7 a 7 b 7 b 6 b 5 b 4 b 3 b 2 b 1 b 0 b 7 b 6 b 5 b 4 b 3 b 2 b 1 b 0 9/9/2012 CHES Tutorial: Crypto hardware design 30 I. Introduction II. Building Blocks III. Optimization IV. Physical Security V. Summary AES - AddRoundKey  Add round key a 0 a 4 a 8 a 12 k 0 k 4 k 8 k 12 a 0 a 4 a 8 a 12 a 1 a 5 a 9 a 13 k 1 k 5 k 9 k 13 a 1 a 5 a 9 a 13 + => a 2 a 6 a 10 a 14 k 2 k 6 k 10 k 14 a 2 a 6 a 10 a 14 a 3 a 7 a 11 a 15 k 3 k 7 k 11 k 15 a 3 a 7 a 11 a 15 9/9/2012 CHES Tutorial: Crypto hardware design 31 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu Ruhr-Universitt Bochum &amp; DFKI 04.10.2017 Overview Goals Provide a high-level introduction to Post-Quantum Cryptography (PQC)

1.18k views • 113 slides
Formal Verification of Masked Implementations Sonia Bela d Benjamin Gr egoire CHES 2018

Formal Verification of Masked Implementations Sonia Bela d Benjamin Gr egoire CHES 2018

Formal Verification of Masked Implementations Sonia Bela d Benjamin Gr egoire CHES 2018 - Tutorial September 9th 2018 1 / 47 1 Side-Channel Attacks and Masking 2 Formal Tools for Verification at Fixed Order 3 Formal Tools

1.24k views • 97 slides
Academic Success Alicia Baker, MA, MPH, CHES Monica Webb, PhD. MPH, CHES Objectives Describe

Academic Success Alicia Baker, MA, MPH, CHES Monica Webb, PhD. MPH, CHES Objectives Describe

5/19/2017 Addressing College Mental Health Concerns Through Wellness Coaching for Academic Success Alicia Baker, MA, MPH, CHES Monica Webb, PhD. MPH, CHES Objectives Describe mental health concerns of undergraduate students Describe

333 views • 11 slides
A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling

A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling

A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling System Modeling linear, nonlinear and mixed integer optimization problems Useful with large, complex problems A GAMS TUTORIAL A GAMS TUTORIAL

274 views • 24 slides
This tutorial is part of an upcoming publication on knifemaking. Please visit

This tutorial is part of an upcoming publication on knifemaking. Please visit

This tutorial teaches you how to make a narrow tang knife. ABS Matersmith, Kevin Harvey, created both the knife and the tutorial to promote the 2019 Non -guild Members Competition of the Knifemakers Guild of Southern Africa. This tutorial

2.01k views • 151 slides
CAMPUS AS COMMUNITY COALITION-BUILDING AS A HEALTH PROMOTION TOOL Ann Katherine Wagner, MPH, CHES

CAMPUS AS COMMUNITY COALITION-BUILDING AS A HEALTH PROMOTION TOOL Ann Katherine Wagner, MPH, CHES

CAMPUS AS COMMUNITY COALITION-BUILDING AS A HEALTH PROMOTION TOOL Ann Katherine Wagner, MPH, CHES Princeton University Alyssa Lederer, MPH, CHES Emory University American College Health Association Annual Meeting June 4, 2010 Learning

621 views • 37 slides
Comp 1402 Winter 2008 Tutorial #1 Tutorial 1 The objectives of this tutorial will be:

Comp 1402 Winter 2008 Tutorial #1 Tutorial 1 The objectives of this tutorial will be:

Comp 1402 Winter 2008 Tutorial #1 Tutorial 1 The objectives of this tutorial will be: Create and access your Linux account. Become familiar with the Linux terminal. Become familiar with the vi text editor. Compile a

264 views • 8 slides
Excel Tutorial 1 Getting Started with Excel Tutorial 2 Formatting a Workbook Tutorial 3

Excel Tutorial 1 Getting Started with Excel Tutorial 2 Formatting a Workbook Tutorial 3

Excel Tutorial 1 Getting Started with Excel Tutorial 2 Formatting a Workbook Tutorial 3 Working with Formulas and Functions COMPREHENSIVE Excel Tutorial 1 Getting Started with Excel COMPREHENSIVE Objectives XP XP Understand

1.18k views • 81 slides
UPPAAL Tutorial UPPAAL Tutorial UPPAAL Tutorial Introduction Introduction Alexandre David

UPPAAL Tutorial UPPAAL Tutorial UPPAAL Tutorial Introduction Introduction Alexandre David

UPPAAL Tutorial UPPAAL Tutorial UPPAAL Tutorial Introduction Introduction Alexandre David Paul Pettersson RTSS05 Collaborators @UPPsala @AALborg Wang Yi Kim G Larsen Paul Pettersson Gerd Behrman John Hkansson

926 views • 36 slides
Tutorial 1: Overview of CS 136 1 CS 136 Spring 2020 Tutorial 1 Course Personnel

Tutorial 1: Overview of CS 136 1 CS 136 Spring 2020 Tutorial 1 Course Personnel

Tutorial 1: Overview of CS 136 1 CS 136 Spring 2020 Tutorial 1 Course Personnel Instructors: Adrian Reetz, John Akinyemi Course Coordinator: Scott King (Full-Time) Instructional Support Assistants (ISA)s: Jack Bai, Jiayi Wang

284 views • 26 slides
Do Fifty- Two Motivation Overview of the Language

Do Fifty- Two Motivation Overview of the Language

Do Fifty- Two Motivation Overview of the Language Tutorial Tutorial Tutorial Tutorial Tutorial Tutorial //A Sample Program configure numberOfPlayers: 2 configure

568 views • 34 slides
PROGRAMMING TUTORIAL Thierry Lepley, April 4 th 2016 TUTORIAL GOAL Intermediate Tutorial for

PROGRAMMING TUTORIAL Thierry Lepley, April 4 th 2016 TUTORIAL GOAL Intermediate Tutorial for

April 4-7, 2016 | Silicon Valley PROGRAMMING TUTORIAL Thierry Lepley, April 4 th 2016 TUTORIAL GOAL Intermediate Tutorial for Developers Understand philosophy of the API Understand main features of the API Start developing with VisionWorks

1.52k views • 92 slides
Tutorial Files for this tutorial can be downloaded from:

Tutorial Files for this tutorial can be downloaded from:

Cadence First Encounter Tutorial Files for this tutorial can be downloaded from: www.cs.wright.edu/~emmert/tutorials/enc_files.tar.gz Dr. J M Emmert Configuration File This file contains information used to setup your

560 views • 18 slides
UCL Tutorial on: Deep Belief Nets (An updated and extended version of my 2007 NIPS tutorial)

UCL Tutorial on: Deep Belief Nets (An updated and extended version of my 2007 NIPS tutorial)

UCL Tutorial on: Deep Belief Nets (An updated and extended version of my 2007 NIPS tutorial) Geoffrey Hinton Canadian Institute for Advanced Research &amp; Department of Computer Science University of Toronto Schedule for the Tutorial

1.66k views • 126 slides
Tutorial: TF-Ranking for sparse features Tutorial: TF-Ranking for sparse features This tutorial

Tutorial: TF-Ranking for sparse features Tutorial: TF-Ranking for sparse features This tutorial

Tutorial: TF-Ranking for sparse features Tutorial: TF-Ranking for sparse features This tutorial is an end-to-end walkthrough of training a TensorFlow Ranking (TF-Ranking) neural network model which incorporates sparse textual features.

257 views • 24 slides
ORRCA Intern Presentation Mad McCormick, CHES Masters of Public Health Candidate TDEC Graduate

ORRCA Intern Presentation Mad McCormick, CHES Masters of Public Health Candidate TDEC Graduate

ORRCA Intern Presentation Mad McCormick, CHES Masters of Public Health Candidate TDEC Graduate Intern Myself Bachelors from The University of Kansas CHES: Community Health Education Specialist Last semester at UTK, Masters of

281 views • 7 slides
GLIF Akira Kato Univ. of Tokyo/WIDE Project kato@wide.ad.jp

GLIF Akira Kato Univ. of Tokyo/WIDE Project kato@wide.ad.jp

GLIF Akira Kato Univ. of Tokyo/WIDE Project kato@wide.ad.jp Dark Fiber based Networks National Lambda Rail is operational in U.S. http://www.nlr.net/ Dark Fibers from Level3

1.02k views • 27 slides
Linguistic Research Infrastructure Information event October 11, 2019 LiRI team members

Linguistic Research Infrastructure Information event October 11, 2019 LiRI team members

Linguistic Research Infrastructure - LiRI Linguistic Research Infrastructure Information event October 11, 2019 LiRI team members 10/18/2019 Title of the presentation, Author Page 1 Linguistic Research Infrastructure - LiRI Introduction

1.03k views • 61 slides
Outline Synchronous Programming Introduction of Reactive Systems The Data-Flow Language Lustre

Outline Synchronous Programming Introduction of Reactive Systems The Data-Flow Language Lustre

Outline Synchronous Programming Introduction of Reactive Systems The Data-Flow Language Lustre The Imperative Language Esterel Compilation of Synchronous Languages Nicolas Halbwachs Verification and Automatic Testing of Synchronous

371 views • 26 slides
Mobile Ad hoc Networking Carlos de Morais Cordeiro and Dharma P. Agrawal OBR Research Center for

Mobile Ad hoc Networking Carlos de Morais Cordeiro and Dharma P. Agrawal OBR Research Center for

Mobile Ad hoc Networking Carlos de Morais Cordeiro and Dharma P. Agrawal OBR Research Center for Distributed and Mobile Computing, ECECS University of Cincinnati, Cincinnati, OH 45221-0030 USA {cordeicm, dpa}@ececs.uc.edu Abstract

841 views • 63 slides
A Flow Control Strategy for Connectionless Traffic over an ATM Network Lorne G. Mason

A Flow Control Strategy for Connectionless Traffic over an ATM Network Lorne G. Mason

0 A Flow Control Strategy for Connectionless Traffic over an ATM Network Lorne G. Mason INRS-Telecommunications University of Quebec, Nuns Island, Quebec H3E 1H6 e-mail: lgmason@telusplanet.net Felisa J. V azquez-Abad Department of Computer

417 views • 13 slides
for Cooperative Agents Shlomo Zilberstein Shlomo Zilberstein School of Computer Science School of

for Cooperative Agents Shlomo Zilberstein Shlomo Zilberstein School of Computer Science School of

Multiagent Multiagent Planning Planning Planning under Uncertainty for Cooperative Agents Shlomo Zilberstein Shlomo Zilberstein School of Computer Science School of Computer Science ! Challenge : How to achieve intelligent coordination of a

473 views • 30 slides
Testes caixa preta - 1 Abordagens combinatrias Criao: Abr/2001 Reformulao: Mar/2013

Testes caixa preta - 1 Abordagens combinatrias Criao: Abr/2001 Reformulao: Mar/2013

Testes caixa preta - 1 Abordagens combinatrias Criao: Abr/2001 Reformulao: Mar/2013 Referncias M. Pezz, M. Young. Teste e Anlise de Software . Bookman Companhia Editora, 2008, cap. 10 e 11. P. Ammann, J. Offutt. Introduction to

899 views • 59 slides
Networks &amp; Protocols INF566 - X2010 - 2012 Lecture 3 - Enterprise Grade Routing - OSPF

Networks &amp; Protocols INF566 - X2010 - 2012 Lecture 3 - Enterprise Grade Routing - OSPF

Networks &amp; Protocols INF566 - X2010 - 2012 Lecture 3 - Enterprise Grade Routing - OSPF thomas@thomasclausen.org http://www.thomasclausen.org mark@townsley.net http://www.townsley.net/ 1 Intro, kick-off, objectives and motivation (Thomas)

2.15k views • 165 slides

More recommend