The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Matsuda et al. proposed a countermeasure against laser fault injection that uses distributed on-chip sensors. The sensor raises an alarm by detecting an electrical phenomenon caused in conjunction with a bitflip. A cryptographic module can stop releasing a faulty ciphertext by using the alarm. In this paper, security and limitation of the countermeasure by Matsuda et al. is rigorously evaluated. We...
The idea to use physical unclonable function (PUF) as a sensor is proposed. Environment-dependent behavior of PUF, which is conventionally unwanted, is used for sensing. Such PUF-based sensor has advantages over ordinary sensors. As a proof of concept, a voltage sensor is prototyped using an ASIC implementation of glitch PUF. The performance of the PUF-based sensor is evaluated by injecting pulses...
Circuit simulation method for Fault Sensitivity Analysis (FSA) is proposed. The simulation can be used both for (i) security evaluation before fabrication and (ii) investigation of leak mechanism. The proposed method extracts fault sensitivity data from post place-and-route logic simulation results, thus it can easily be integrated with conventional LSI design flow. As a proof of concept, the proposed...
The first contribution of our paper is that we propose a platform, a design strategy, and evaluation criteria for a fair and consistent hardware evaluation of the second-round SHA-3 candidates. Using a SASEBO-GII field-programmable gate array (FPGA) board as a common platform, combined with well defined hardware and software interfaces, we compare all 256-bit version candidates with respect to area,...
In this paper, we introduce a new type of intentional electromagnetic interference (IEMI) which causes information leakage in electrical devices without disrupting their operation or damaging their physical structure. Such IEMI could pose a severe threat to a large number of electrical devices with cryptographic modules since it can be used for performing fault injection attacks, which in turn allows...
Recently, it has been known that electromagnetic radiation from electrical device leaks internal information. That is, electromagnetic radiation contains information. Especially, it causes serious problem for cryptographic modules if electromagnetic radiation contains secret information. Therefore many studies have been made on power/electromagnetic analysis attacks, which extract secret keys from...
Two types of miniature shielded-loop type magnetic probes were used to analyze RF magnetic near field on the ISO/IEC 18033-3 Standard Cryptographic LSI made by 0.13 μm CMOS process with clock frequency of 24 MHz. The 180 × 180 μm2-size on-chip shielded loop probe we developed was applied to scan the magnetic near field on the LSI and clarified that the magnetic filed...
This paper presents hardware architectures for the hash algorithm Luffa, which is a candidate for the next-generation hash standard SHA-3. The architectures were implemented by using a 90-nm CMOS standard cell library. A high throughput of 35 Gbps for a high-speed architecture and a gate count of 14.7 kgate for a compact architecture were obtained. In comparison with Keccak, other SHA-3 candidate...
We propose a compact hardware architecture for the 64-bit block cipher CAST-128, which is one of the ISO/IEC 18033-3 standard algorithms. Part of the complexity of CAST-128 is its use of various S-boxes in various sequences, and three types of f-function are switched depending on the round numbers. Therefore a large amount of hardware resources are required for a straight-forward implementation. In...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.