How much crypto in one microJoule? Ingrid Verbauwhede


Real World Crypto, Stanford, CA, January 2013
How much crypto in one microJoule?
Ingrid Verbauwhede, ingrid.verbauwhede-at-esat.kuleuven.be
KU Leuven, COSIC
Acknowledgements: Current and former Ph.D. students at UCLA and KU Leuven



KU Leuven - COSIC ECRYPT - VAMPIRE 2012 - 2 Antwerp, November 2012

Light weight crypto for IoT

  • Example: Medical Internet of Things
  • Design constraints: area - time - energy/power
  • Energy – Flexibility trade-off
  • ASIC design, hardware specialization
  • Cost of crypto primitives
  • Cost of countermeasures

Medical Internet of Things

IMEC: Human++, NERF - brain stimulant, Deep Brain stimulation [Sources: J. Rabaey, National Institutes of Health, Neurology journal]


Medical implants

  • Power is limited
    – Cooling!!
    – Implanted devices only temperature ∆ < 1 °C
  • Energy Battery is limited
    – Pace maker battery is not rechargeable
    – One AAA battery is 1300 … 5000 Joules
  • How much crypto in one micro Joule or 10 microWatt ?


Other applications

  • Smartcards
  • RFID tags
  • Smart meters
  • Keys

Ari Juels: RFID tracking problem


IoT Devices

NEED BOTH

  • Efficient, lightweight implementations
    – Within power, area, timing budgets
    – Public key: 2048 bits RSA, 200 bit ECC on 8 bit µC and 100 µW
    – Public key on a passive RFID tag
  • Trustworthy implementation
    – Resistant to attacks
    – Active attacks: probing, power glitches, JTAG scan chain
    – Passive attacks: side channel attacks


Hardware Design Parameters

Embedded security: Area, delay, power, energy, physical security


Power and Energy are not the same!

  • Power = P = I x V (current x voltage) (= Watt)
    – instantaneous
    – Typically checked for cooling or for peak performance
  • Energy = Power x execution time (= Joule)
    – Battery content is expressed in Joules
    – Gives an idea of how many Joules it takes to get the job done

Low power processor ≠ low energy solution !

[Figure: two plots of Power versus Time]


Cost of crypto primitives

Crypto for 1 micro-Joule: Energy - flexibility trade-off


Illustrate with examples

  • Example 1: Secret Key: AES, KATAN
  • Example 2: NIST SHA3
  • Example 3: Public key, ECC for RFID
  • Example 4: cost of physical security

Example: Rijndael/AES

[Figure: Rijndael/AES block diagram; labels: Key Schedule, round, S, MixColumns]

  • key length: 16/24/32 bytes
  • block length: 16/24/32 bytes


Throughput – Energy numbers (AES, 128bit key, 128bit data)

| Platform | Throughput | Power | Figure of Merit (Gb/s/W = Gb/J) |
|---|---|---|---|
| 0.18um CMOS | 3.84 Gbits/sec | 350 mW | 11 (1/1) |
| FPGA [1] | 1.32 Gbit/sec | 490 mW | 2.7 (1/4) |
| ASM StrongARM [2] | 31 Mbit/sec | 240 mW | 0.13 (1/85) |
| Intel ISA for AES [6] | 32 Gbit/sec | 95 W | 0.34 (1/33) |
| Asm Pentium III [3] | 648 Mbits/sec | 41.4 W | 0.015 (1/800) |
| C Emb. Sparc [4] | 133 Kbits/sec | 120 mW | 0.0011 (1/10.000) |
| Java [5] Emb. Sparc | 450 bits/sec | 120 mW | 0.0000037 (1/3.000.000) |

[1] Amphion CS5230 on Virtex2 + Xilinx Virtex2 Power Estimator
[2] Dag Arne Osvik: 544 cycles AES – ECB on StrongArm SA-1110
[3] Helger Lipmaa PIII assembly handcoded + Intel Pentium III (1.13 GHz) Datasheet
[4] gcc, 1 mW/MHz @ 120 Mhz Sparc – assumes 0.25 u CMOS
[5] Java on KVM (Sun J2ME, non-JIT) on 1 mW/MHz @ 120 MHz Sparc – assumes 0.25 u CMOS
[6] Shay Gueron, Intel


Match between algorithm & platform

Close the gap:

  • Dedicated HW: ASIC, SOC
  • Programmable HW: FPGA
  • Dedicated instructions, hand-coded assembly
  • Compiled code
  • JAVA on virtual machine, compiled on a real machine

[Figure labels: Power, Cost, ???, General Purpose, Fixed Platform, Application ASIC]

Energy - flexibility trade-off


1 microJoule

  • 11000 bits AES (optimized version)
  • 3000 to 10K gates area = small

Light weight crypto: KATAN - KTANTAN

[Figure labels: Block size, Key size, Memory, Datapath + Control, “redundant” logic]

CHES 2009: De Canniere, Dunkelman, Knezevic

  • 80 bits key
  • 32 - 48 - 64 bits block
  • 254 rounds
  • Max 1000 gates

[slide input: Miroslav Knežević]


1 microJoule

  • 110000 bits KATAN, <1000 gates
  • 11000 bits AES (ASIC) 3000 to 10K gates

‘light’ ≠ low Joules

  • Only small area

SHA3 – competition:

One size fits all


SHA 3 ASIC (90nm) synthesis

| Algorithm | Throughput Mbits (@250MHz) | Gate (GE) | Energy (pJ/bit) |
|---|---|---|---|
| SHA256 | 2000 | 12K | 2 |
| Blake | 6000 | 30K | 2.5 |
| Grøstl | 13000 | 86K | 2.5 |
| JH | 4600 | 30K | 2 |
| Keccak | 15000 | 30K | 1 |
| Skein | 6700 | 43K | 6 |

[slide input: Miroslav Knežević]


Keccak in SW

  • Keccak on ATtiny45 at 8MHz
  • 540 microWatt at 1MHz (spec)
  • 716 * 10^3 clock cycles to hash 500 Bytes
  • Result: 100 pJ/bit
  • So again: SW is 100 times less efficient than HW
  • J. Balasch, B. Ege, Th. Eisenbarth, B. Gérard, Z Gong, T Güneysu, S Heyse, S Indesteege, S Kerckhof, F Koeune, T Nad, T Plos, T Pöppelman, F Regazzoni, F Standaert, G Van Assche, I von Maurich, L van Oldeneel, Open Source Implementations of Hash Functions in an Atmel AtTiny45, ECRYPT.


1 microJoule

  • 110000 bits KATAN, < 1000 gates
  • 11000 bits AES encryption, 3000 gates
  • 1000 bits Keccak hash, 30K gates

Example 3: Public key - Elliptic Curve Cryptography

Push for lowest energy to fit budget of IoT


Challenge: low power public key …

  • Protocol : asymmetric (most work for the reader)
  • Algorithm: Elliptic curve (163 bits) instead of RSA (min 1024 bits)
  • Field Operation: Binary and not Prime fields: easier field operations
  • Projective coordinate system: (X, Y, Z) instead of (x,y): no field inversions
  • Special coordinate system: no need to store Y coordinates (Lopez-Dahab) and common Z (only one Z coordinate)
  • Minimize storage: Only 5 registers (with mult/add/square unit) or 6 registers (with mult/add-only unit) compared to 9+ registers before.

[Figure labels: Cloning, Tracking; CPU, MALU, MEM, JCA, Java, JVM; 8 bit uP, MEM; Montgomery ladder, Projective, Common Z coord; Scalable; Binary field 2^163; Elliptic curve; REG; D, Q, Vcc, CLK]

Address at all design abstraction levels!
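
The choices listed on this slide (binary field 2^163, Montgomery ladder, projective X/Z coordinates with no Y, one inversion at the end) fit together as in the following added example, which is not code from the slides or from the COSIC co-processor. The reduction polynomial, b = 1 and the x-coordinate X_P are assumptions, and the sketch keeps a separate Z per point rather than the common-Z variant.

```python
M, POLY = 163, (1 << 163) | 0xC9  # assumed modulus x^163 + x^7 + x^6 + x^3 + 1
B = 1                            # curve parameter b (assumed; the slides give none)
X_P = 0x2A5F3C19D4E7B86012345    # constructed x-coordinate, not a standard base point
CALLS = [0]                      # field multiplications performed so far

def fmul(a, b):                  # GF(2^163) multiply: shift-and-xor, reduce as we go
    CALLS[0] += 1
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
        if a >> M:
            a ^= POLY
    return r

def finv(a):                     # a^(2^163 - 2) by repeated squaring (Fermat)
    r = 1
    for _ in range(M - 1):
        a = fmul(a, a)
        r = fmul(r, a)
    return r

def mdouble(X, Z):               # x(2P) = (X^4 + b*Z^4) / (X^2 * Z^2)
    X2, Z2 = fmul(X, X), fmul(Z, Z)
    return fmul(X2, X2) ^ fmul(B, fmul(Z2, Z2)), fmul(X2, Z2)

def madd(x, X1, Z1, X2, Z2):     # x(P1 + P2), given x = x(P2 - P1)
    A, C = fmul(X1, Z2), fmul(X2, Z1)
    Z3 = fmul(A ^ C, A ^ C)
    return fmul(x, Z3) ^ fmul(A, C), Z3

def ladder(k, x):
    """Affine x-coordinate of k*P from x = x(P) alone, for k >= 1."""
    X1, Z1 = x, 1                # invariant: (X1, Z1) = m*P, (X2, Z2) = (m+1)*P
    X2, Z2 = mdouble(x, 1)
    for i in range(k.bit_length() - 2, -1, -1):
        if (k >> i) & 1:         # either branch costs one madd and one mdouble
            X1, Z1 = madd(x, X1, Z1, X2, Z2)
            X2, Z2 = mdouble(X2, Z2)
        else:
            X2, Z2 = madd(x, X1, Z1, X2, Z2)
            X1, Z1 = mdouble(X1, Z1)
    return fmul(X1, finv(Z1))    # the only field inversion, at the very end

def muls_for(k, x):              # multiplications used by one ladder(k, x) run
    CALLS[0] = 0
    ladder(k, x)
    return CALLS[0]
```

`muls_for` returns the same count for any two scalars of equal bit length, whatever their Hamming weight; this regularity is why the Montgomery ladder appears among the countermeasures later in the talk.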


Results

  • Results: ECC co-processor that can compute:
    – ECC point multiplications (163 by 4)
    – Scalar modular operations (8 bit processor with redundancy)

  • Schnorr (secure ID transfer, but no tracking protection): one PM
  • More advanced protocols: up to four PM on tag
  • 14K gates, 79K cycles
  • At 500 KHz, corresponds to 30 microWatt and 158 msec
  • One point multiplication = 4.8 microJoule


1 microJoule

  • 110000 bits KATAN
  • 11000 bits AES encryption
  • 1000 bits KECCAK hash
  • 1/5 of one point multiplication

Still to add physical security …


Circuit level counter measure: WDDL

  • Standard cell based dynamic differential logic
  • Power consumption independent (in ideal case) of data processed

[Figure: WDDL gate schematics; cell labels AOI22X1, OAI22X1, INVX4, OAI221X1, AOI221X1, INVX2; signal labels A, B, Y, A0, A1, B0, B1, C0]

Prototype IC – ThumbPodII

  • AES, controller, fingerprint processor.

[Figure labels: insecure single-ended; secure WDDL differential route]

  • Area: factor 2.5
  • Power: factor 3 to 4 !
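
Why WDDL makes switching activity independent of the data can be checked on a toy circuit. The following is an added example with a constructed netlist and a simple toggle-count model of power; it is not from the slides or the ThumbPodII design.

```python
from itertools import product

# Constructed 3-input netlist, not from the slides: (output, op, in1, in2)
NETLIST = [("n1", "and", "a", "b"), ("n2", "not", "c", None),
           ("n3", "or", "n1", "n2"), ("y", "and", "n3", "a")]
INPUTS = ("a", "b", "c")

def eval_single(bits):
    """Single-ended CMOS: one wire per signal."""
    v = dict(zip(INPUTS, bits))
    for out, op, i1, i2 in NETLIST:
        if op == "not":
            v[out] = 1 - v[i1]
        elif op == "and":
            v[out] = v[i1] & v[i2]
        else:
            v[out] = v[i1] | v[i2]
    return v

def eval_wddl(rails):
    """WDDL: each signal is a (true, false) rail pair; only AND/OR gates are used."""
    v = dict(zip(INPUTS, rails))
    for out, op, i1, i2 in NETLIST:
        (t1, f1), (t2, f2) = v[i1], v.get(i2, (0, 0))
        if op == "not":
            v[out] = (f1, t1)                  # inversion is a rail swap, no gate
        elif op == "and":
            v[out] = (t1 & t2, f1 | f2)        # AND on true rails, OR on false rails
        else:
            v[out] = (t1 | t2, f1 & f2)
    return v

def single_toggles(prev, cur):
    """Wires that change value when the input goes from prev to cur."""
    p, c = eval_single(prev), eval_single(cur)
    return sum(p[n] != c[n] for n in c)

def wddl_rises(cur):
    """Rails that rise from the all-zero precharge state during evaluation."""
    v = eval_wddl([(b, 1 - b) for b in cur])
    return sum(t + f for t, f in v.values())

def profiles():
    """Distinct switching counts over every input transition (the leakage proxy)."""
    vecs = list(product((0, 1), repeat=3))
    single = {single_toggles(p, c) for p in vecs for c in vecs}
    wddl = {wddl_rises(c) for c in vecs}
    return single, wddl
```

`profiles()` yields several different toggle counts for the single-ended circuit but a single value for WDDL, because exactly one rail of every pair rises in each evaluation phase; feeding all-zero rail pairs to `eval_wddl` shows the precharge state propagating through the AND/OR-only network.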


1 microJoule

  • 110000 bits KATAN
  • 11000 bits AES encryption
  • 2000 bits AES with WDDL
  • 1000 bits KECCAK hash
  • 1/5 of one point multiplication


Attacks vs. countermeasures

Countermeasures

  • Balanced PA/PD
  • Double-and-add-always
  • Montgomery Powering Ladder┴
  • Montgomery Powering Ladder┬
  • Random scalar split
  • Scalar randomization
  • Base point blinding
  • Random projective coordinates
  • Randomized EC isomorphism
  • Randomized field isomorphism
  • Point validity check
  • Curve integrity check
  • Coherence check

Passive SCA

  • Timing analysis
  • Simple power analysis
  • Differential power analysis
  • Template attack
  • Comparative SCA
  • Refined power analysis
  • Carry-based attack

Active SCA

  • M safe-error
  • C safe-error
  • Invalid points
  • Invalid curves
  • Twist curves
  • Sign-change attacks
  • Differential faults

Attackers need only a single successful attack to win.

[source: Junfeng Fan]


Attacks vs. countermeasures

Legend: √ : Effective; - : Irrelevant; × : Attacked; H : helps the attack; ? : Unclear

[Table: countermeasures (rows) against attacks (columns), each cell marked with one of the symbols above]

Rows (Countermeasures): Balanced PA/PD; Double-and-add-always; Montgomery Powering Ladder┴; Montgomery Powering Ladder┬; Random scalar split; Scalar randomization; Base point blinding; Random projective coordinates; Randomized EC isomorphism; Randomized field isomorphism; Point validity check; Curve integrity check; Coherence check

Columns, Passive Attacks: TA; SPA; Template; DPA; Comparative SCA; RPA/ZPA; Carry-based attack

Columns, Active Attacks (grouped as Safe-error, Weak curve, Differential): M safe-error; C safe-error; Invalid point; Invalid curve; Twist curve; Sign change; Differential

[source: Junfeng Fan]


Conclusion: 1 microJoule

  • 110000 bits KATAN
  • 11000 bits AES
  • 2000 bits AES with WDDL
  • 1000 bits Keccak hash
  • 1/5 of one point multiplication
  • 1/10 of one point mult WITH randomization
  • 100% overhead for physical security…

And remember: low power is NOT low energy