Weekly Report Yan Lin 03/14/05 Work 1, Literature research on security related designs I read a few papers from Kris Tiri in Ingrid's group and summarized the important ones as follows, The basic idea of differential power analysis (DPA) resistant deisgn is to minimize power supply current fluctuation such that the attacker cannot find the key data via power dissipation measurement. There are two ways to achieve this goal. One approach is to design special circuit such as sense amplifier based logic, another approach minimizes power dissipation without changing the current standard cell library or FPGA BLE. The summary mainly focuses on the second approach. [1] presents wave dynamic differential logic (WDDL). WDDL uses AND and OR gates to create compound standard cell with dynamic and differential behavior. In the precharge cycle, both true and false outputs are discharged to 0. In the evaluation phase, exactly only one output will be charge to 1. By using only AND or OR gates, the switching factor is 100% (no glitching). Inversion function is implemented by switching the true and false output. The routing of the duplicated part is remained same as the original routing. By matching the self-load and input capacitance of each compound gate, each signal transaction consumes the same dynamic energy ideally. [2] a methodology to synthesize secure design on FPGA using existed commercial EDA tools. If the original gate-level circuit netlist does not contain any inverter, the netlist is mapped to LUT-level netlist and then duplicated to implement the secure compound gate. In case of presence of inverter, the input/output of inverter become global output/input. Technology mapping is performed on the broken netlist. The mapped LUT-level is duplicated. The inversions are established by switching the differential connections. There are other papers which are quite similar to the above two. [3] is basically a simplified version of [2]. [4] points out how to use the current EDA tool to generate two sets of routing. As shown in [4], DPA can obtain key data even if the cycle-to-cycle variation on the power consumption is a mere 1%. [5][6] set up some board-level experiments and measure the effectiveness of DPA resistant design. References [1] Kris Tiri, and Ingrid Verbauwhede, "A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation", Design, Automation and Test in Europe Conference (DATE 2004) [2] Kris Tiri, and Ingrid Verbauwhede, "Synthesis of Secure FPGA Implementations", International Workshop on Logic and Synthesis (IWLS 2004), pp. 224-231, June 2004. [3] Kris Tiri, and Ingrid Verbauwhede, "Secure Logic Synthesis", International Conference on Field Programmable Logic and Applications (FPL 2004) [4] Kris Tiri, and Ingrid Verbauwhede, "Place and Route for Secure Standard Cell Design", 6th International Conference on Smart Card Research and Advanced Applications (CARDIS 2004) [5] Kris Tiri et al, "AES-Based Cryptographic and Biometric Security Coprocessor IC in 0.18um CMOS Resistant to Side-Channel Power Analysis Attacks", VLSI'05 [6] Kris Tiri, and Ingrid Verbauwhede, "A VLSI Design Flow for Secure Side-Channel Attack Resistant ICs", accepted at Design, Automation and Test in Europe Conference (DATE 2005), March 2005