Thread 03: Hardware security side channels

New devices – ostensibly targeted for logic and memory – could also have a positive impact on hardware security with little or no added overhead.  Prior work has suggested interesting and novel hardware based on emerging devices. As one example, it is possible to control inherent ambipolarity (and hence device polarity) post-deployment in some nanoscale FETs (e.g., based on silicon nanowire FETs (SiNW FETs), carbon nanotubes (CNTs), and graphene). Polymorphic electronics are based on the idea of having multiple functionalities built into the same cell. Polymorphic gates can conceal the functionality of a digital circuit even if the adversary has access to an entire netlist. Unlike an FPGA, ASIC-like performance is possible.  Side-channel analysis represents another major threat to hardware security. Without physical intrusion, attackers can recover internal signals by leveraging static/differential analyses on side channels such as timing, power consumption, and electromagnetic emissions. One of our primary research goals is to identify novel devices – and associated logic gates and circuits – for cryptographic primitives that (i) produce symmetric power and radiation signatures to solve side channel leakages, and (ii) can be practically integrated with existing CMOS processes.

Example Projects

TIGFET-based Circuits

Side-channel attacks (SCAs) represent a significant security threat, and aim to reveal otherwise secret data by analyzing a relevant circuit's behavior, e.g., its power consumption. While all circuit components are potential power side channels, D-flip-flops (DFFs) are often the primary source of information leakage to an SCA. This paper proposes a DFF design based on the three-independent-gate field-effect transistor (TIGFET) that reduces side-channel vulnerabilities of sequential circuits. Notably, we find that the I-V characteristics of the TIGFET itself leads to inherent side-channel resilience, which in turn enables simpler and more efficient cryptographic hardware.

Our proposed design is based on a prior TIGFET-based true single-phase clock (TSPC) DFF design, which offers high performance and reduced area. More specifically, our modified TSPC (mTSPC) design exploits the symmetric I-V characteristics of TIGFETs, which results in pull-up and pull-down currents that are nearly identical. When combined with additional circuit modifications (made possible by the unique characteristics of the TIGFET), the mTSPC circuit draws almost the same amount of supply currents under all possible input transitions (less than 1% variation for different transitions), which can in turn mask information leakage. Using a 10nm TIGFET technology model, simulation results show that the proposed TIGFET-based DFF circuit leads to decreased power consumption (up to 96.9% when compared to the prior secured designs), has a low delay (15.2 ps), and employs only 12 TIGFET devices. Furthermore, an 8-bit S-box whose output is sampled by a group of eight mTSPC DFFs was simulated. A correlation power analysis attack on the simulated S-box with 256 power traces shows that the key is not revealed, which confirms the SCA resiliency of the proposed DFF design.

Representative work: Mohammad Mehdi Sharifi, Ramin Rajaei, Patsy Cadareanu, Pierre-Emmanuel Gaillardon, Yier Jin, Michael Niemier and X. Sharon Hu, “A Novel TIGFET-based DFF Design for Improved Resilience to Power Side-Channel Attacks,” to appear at Design, Automation, and Test in Europe (DATE), 2020.