Digital embedded systems are becoming integrated into our daily life. Many of such systems are tied with security and privacy concepts, e.g., electronic payments, smart homes, electronic toll collection and smart phones. A majority of them as portable devices, which are carried by us in a daily base, can be categorized into two groups: i) battery-operated ones, and ii) contactless passive ones. Battery life is obviously amongst the major issues of the first group, the same as proximity of the second group. Hence, low-energy designs are essential for the battery-operated applications, and low-power designs for the contactless in-field applications. Interestingly, the crypto community offers a large toolbox of advanced algorithms to achieve a strong level of security. The cryptographic primitives have been designed based on the principle cryptanalyses. However, very limited attention has been paid with respect to the energy and power consumption of their implementations leading to the fact that most of the current cryptographic solutions are not truly suitable for low-power and low-energy applications. Further, such security-enabled devices, that are in hand and control of the legitimate users, can be operated in hostile environments. Hence, the implementation attacks, as serious threats for pervasive applications, can turn a theoretically-robust system into a completely-broken setup. As demonstrated by numerous side-channel analysis (SCA) attacks, securing ubiquitous systems is a must as well as a non-trivial task. Although several SCA countermeasures have already been developed and introduced, almost none of them focuses on the power and energy overheads. In fact, resistance against SCA attacks with low-power and/or low-energy feature has barely been considered by the side-channel community. In short, most of the cryptographic devices, equipped with sound SCA countermeasures, fail to fulfill the requirements to be a part of a low-power (or low-energy) system. Indeed, the result of our preliminary study in this area supports this statement, where we examined the latency and power consumption of SCA-protected implementation of low-latency ciphers. Nevertheless, it would be a great benefit to develop cryptographic primitives as well as protection solutions considering low-energy and low-power features. In this project we will investigate power and energy consumption of cryptographic primitives and SCA countermeasures for ASIC platforms. Based on this, cryptographic algorithms as well as SCA countermeasures will be (re-)designed to match the certain requirements resulting in cryptographically-robust and SCA-resistant schemes with limited power and energy consumption. We will develop dedicated and provably-Secure SCA countermeasures (for ASIC platforms) based on the result of our practical analyses. Hence, an interdisciplinary effort based on symmetric cryptography and cryptographic engineering is required to cope with these challenges.

DFG Programme Research Grants

Cooperation Partner Professor Dr. Gregor Leander