Mostra el registre d'ítem simple
Securing RSA hardware accelerators through residue checking
dc.contributor.author | Lasheras Mas, Ana |
dc.contributor.author | Canal Corretger, Ramon |
dc.contributor.author | Rodríguez Luna, Eva |
dc.contributor.author | Cassano, Luca |
dc.contributor.other | Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors |
dc.date.accessioned | 2020-12-21T13:07:22Z |
dc.date.available | 2022-12-16T01:25:27Z |
dc.date.issued | 2021-01 |
dc.identifier.citation | Lasheras, A. [et al.]. Securing RSA hardware accelerators through residue checking. "Microelectronics reliability", 2021, vol. 116, article 114021, p. 1-10. |
dc.identifier.issn | 0026-2714 |
dc.identifier.uri | http://hdl.handle.net/2117/334734 |
dc.description.abstract | Circuits for the hardware acceleration of cryptographic algorithms are ubiquitously deployed in consumer and industrial products. Although being secure from a mathematical point of view, such accelerators may expose several vulnerabilities strictly related to the hardware implementation. Differential fault analysis (DFA) and hardware Trojan horses (HWTs) may be exploited to steal secret information from the circuit or to interfere with its nominal functioning. It is therefore important to protect cryptographic hardware accelerators against such attacks in an efficient way. In this paper, we propose a lightweight technique for protecting circuits implementing the RSA algorithm against DFA and HWTs at runtime. The proposed solution relies on residue checking which is a well-known technique belonging to traditional fault tolerance. Residue checking is here applied to RSA circuits in order to detect any modification of the output of the circuit possibly induced by the occurrence of a fault or the activation of a HWT. When this happens, the protection technique reacts to the attack by obfuscating the circuit's output (i.e. generating a random output). An experimental campaign (99% confidence and 1% error) demonstrated that, when dealing with DFA, the proposed solution detected 100% of the fault attacks that leaked information to the attacker. Moreover, we applied the proposed technique to all the HWT infected implementations of the RSA algorithm available in the Trust-Hub benchmark suite achieving a 100% HWT detection. The overhead introduced by the proposed solution is a maximum area increase below 3%, about 18% dynamic power consumption increase while it has no impact on the operating frequency. |
dc.format.extent | 10 p. |
dc.language.iso | eng |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International |
dc.rights | ©2020 Elsevier |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ |
dc.subject | Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica |
dc.subject.lcsh | Cryptography |
dc.subject.lcsh | Algorithms |
dc.subject.lcsh | Computer security |
dc.subject.other | Cryptographic accelerators |
dc.subject.other | Differential fault analysis |
dc.subject.other | Fault attacks |
dc.subject.other | Hardware Trojans |
dc.subject.other | Hardware security |
dc.subject.other | Residue checking |
dc.subject.other | RSA |
dc.subject.other | Third party intellectual property cores (3PIPs) |
dc.title | Securing RSA hardware accelerators through residue checking |
dc.type | Article |
dc.subject.lemac | Criptografia |
dc.subject.lemac | Algorismes |
dc.subject.lemac | Seguretat informàtica |
dc.contributor.group | Universitat Politècnica de Catalunya. VIRTUOS - Virtualisation and Operating Systems |
dc.identifier.doi | 10.1016/j.microrel.2020.114021 |
dc.description.peerreviewed | Peer Reviewed |
dc.relation.publisherversion | https://www.sciencedirect.com/science/article/pii/S0026271420309082 |
dc.rights.access | Open Access |
local.identifier.drac | 30018881 |
dc.description.version | Postprint (author's final draft) |
local.citation.author | Lasheras, A.; Canal, R.; Rodríguez, E.; Cassano, L. |
local.citation.publicationName | Microelectronics reliability |
local.citation.volume | 116 |
local.citation.number | article 114021 |
local.citation.startingPage | 1 |
local.citation.endingPage | 10 |
Fitxers d'aquest items
Aquest ítem apareix a les col·leccions següents
-
Articles de revista [1.050]
-
Articles de revista [17]