Combination of hardware and software: An efficient AES implementation resistant to side-channel attacks on all programmable SOC

Abstract

With the rapid development of IoT devices in the direction of multifunction and personalization, All Programmable SoC has been used more and more frequently because of its unrivaled levels of system performance, flexibility, and scalability. On the other hand, this type of SoC faces a growing range of security threats. Among these threats, cache timing attacks and power/elctromagnetic analysis attacks are two considerable ones which have been widely studied. Although many countermeasures have been proposed to resist these two types of attacks, most of them can only withstand a single type but are often incapable when facing multi-type attacks. In this paper, we utilize the special architecture of All Programmable SoC to implement a secure AES encryption scheme which can efficiently resist both cache timing and power/electromagnetic analysis attacks. The AES implementation has a beginning software stage, a middle hardware stage and a final software stage. Operations in software and start/end round of hardware are all randomized, which allow our implementation to withstand two types of attacks. To illustrate the security of the implementation, we conduct the three types of attacks on unprotected software/hardware AES, shuffled software AES and our scheme. Furthermore, we use Test Vector Leakage Assessment (TVLA) to test their security on encryption times and power/electromagnetic traces. The final result indicates that our encryption implementation achieves a high secure level with almost 0.86 times data throughput of the shuffled software AES implementation.