How much crypto in one microJoule? · Ingrid Verbauwhede, KU Leuven - COSIC


Real World Crypto – Stanford, CA January 2013

Ingrid Verbauwhede, KU Leuven - COSIC 1

KU Leuven - COSIC Real World Crypto 2013 - 1 Stanford, January 2013

How much crypto in one microJoule?

Ingrid Verbauwhede ingrid.verbauwhede-at-esat.kuleuven.be

KU Leuven, COSIC

Acknowledgements: Current and former Ph.D. students at UCLA and KU Leuven

KU Leuven - COSIC ECRYPT - VAMPIRE 2012 - 2 Antwerp, November 2012

Light weight crypto for IoT

•  Example: Medical Internet of Things
•  Design constraints: area - time - energy/power
•  Energy – Flexibility trade-off
•  ASIC design, hardware specialization
•  Cost of crypto primitives
•  Cost of countermeasures


Medical Internet of Things

IMEC: Human++, NERF - brain stimulant

Deep Brain stimulation [Sources: J. Rabaey, National Institutes of Health, Neurology journal]


Medical implants

•  Power is limited
    –  Cooling!!
    –  Implanted devices only temperature ∆ < 1 °C
•  Energy Battery is limited
    –  Pace maker battery is not rechargeable
    –  One AAA battery is 1300 … 5000 Joules
•  How much crypto in one micro Joule or 10 microWatt?


Other applications

•  Smartcards
•  RFID tags
•  Smart meters
•  Keys
•  …

Ari Juels: RFID tracking problem


IoT Devices

NEED BOTH

•  Efficient, lightweight implementations
    –  Within power, area, timing budgets
    –  Public key: 2048 bits RSA, 200 bit ECC on 8 bit µC and 100 µW
    –  Public key on a passive RFID tag
•  Trustworthy implementation
    –  Resistant to attacks
    –  Active attacks: probing, power glitches, JTAG scan chain
    –  Passive attacks: side channel attacks


Hardware Design Parameters

Embedded security: Area, delay, power, energy, physical security


Power and Energy are not the same!

•  Power = P = I x V (current x voltage) (= Watt)
    –  instantaneous
    –  Typically checked for cooling or for peak performance
•  Energy = Power x execution time (= Joule)
    –  Battery content is expressed in Joules
    –  Gives an idea of how many Joules it takes to get the job done

Low power processor ≠ low energy solution!

[Figure: two plots of Power versus Time]


Cost of crypto primitives

Crypto for 1 micro-Joule: Energy - flexibility trade-off


Illustrate with examples

•  Example 1: Secret Key: AES, KATAN
•  Example 2: NIST SHA3
•  Example 3: Public key, ECC for RFID
•  Example 4: cost of physical security


Example: Rijndael/AES

[Figure: Rijndael/AES block diagram. Labels: Key Schedule; round … round; two rows of 16 S-boxes (S); four MixColumns blocks]

•  key length: 16/24/32 bytes
•  block length: 16/24/32 bytes


Throughput – Energy numbers

AES 128bit key 128bit data

Platform                 Throughput       Power     Figure of Merit (Gb/s/W = Gb/J)
0.18um CMOS              3.84 Gbits/sec   350 mW    11 (1/1)
FPGA [1]                 1.32 Gbit/sec    490 mW    2.7 (1/4)
Intel ISA for AES [6]    32 Gbit/sec      95 W      0.34 (1/33)
ASM StrongARM [2]        31 Mbit/sec      240 mW    0.13 (1/85)
Asm Pentium III [3]      648 Mbits/sec    41.4 W    0.015 (1/800)
C Emb. Sparc [4]         133 Kbits/sec    120 mW    0.0011 (1/10.000)
Java [5] Emb. Sparc      450 bits/sec     120 mW    0.0000037 (1/3.000.000)

[1] Amphion CS5230 on Virtex2 + Xilinx Virtex2 Power Estimator
[2] Dag Arne Osvik: 544 cycles AES – ECB on StrongArm SA-1110
[3] Helger Lipmaa PIII assembly handcoded + Intel Pentium III (1.13 GHz) Datasheet
[4] gcc, 1 mW/MHz @ 120 MHz Sparc – assumes 0.25 u CMOS
[5] Java on KVM (Sun J2ME, non-JIT) on 1 mW/MHz @ 120 MHz Sparc – assumes 0.25 u CMOS
[6] Shay Gueron, Intel


Match between algorithm & platform

Close the gap:
•  Dedicated HW: ASIC, SOC
•  Programmable HW: FPGA
•  Dedicated instructions, hand-coded assembly
•  Compiled code
•  JAVA on virtual machine, compiled on a real machine

[Figure: Energy - flexibility trade-off. Labels: Power, Cost, ???, General Purpose, Fixed, Platform, Application, ASIC]


1 microJoule

•  11000 bits AES (optimized version)
•  3000 to 10K gates area = small


Light weight crypto: KATAN - KTANTAN

CHES 2009: De Canniere, Dunkelman, Knezevic
80 bits key
32 - 48 - 64 bits block
254 rounds
Max 1000 gates

[Figure labels: Block size; Key size; Memory; Datapath + Control; “redundant” logic]

[slide input: Miroslav Knežević]


1 microJoule

•  110000 bits KATAN, <1000 gates
•  11000 bits AES (ASIC) 3000 to 10K gates

‘light’ ≠ low Joules, only small area


SHA3 – competition:

One size fits all


SHA 3 ASIC (90nm) synthesis

[slide input: Miroslav Knežević]

Algorithm   Throughput Mbits (@250MHz)   Gate (GE)   Energy (pJ/bit)
SHA256      2000                         12K         2
Blake       6000                         30K         2.5
Grøstl      13000                        86K         2.5
JH          4600                         30K         2
Keccak      15000                        30K         1
Skein       6700                         43K         6


Keccak in SW

•  Keccak on ATtiny45 at 8MHz
•  540 microWatt at 1MHz (spec)
•  716 * 10^3 clock cycles to hash 500 Bytes
•  Result: 100 pJ/bit
•  So again: SW is 100 times less efficient than HW

J. Balasch, B. Ege, Th. Eisenbarth, B. Gérard, Z. Gong, T. Güneysu, S. Heyse, S. Indesteege, S. Kerckhof, F. Koeune, T. Nad, T. Plos, T. Pöppelman, F. Regazzoni, F. Standaert, G. Van Assche, I. von Maurich, L. van Oldeneel: Open Source Implementations of Hash Functions in an Atmel AtTiny45, ECRYPT.


1 microJoule

•  110000 bits KATAN, < 1000 gates
•  11000 bits AES encryption, 3000 gates
•  1000 bits Keccak hash, 30K gates


Example 3: Public key - Elliptic Curve Cryptography

Push for lowest energy to fit budget of IoT


Challenge: low power public key …

•  Protocol : asymmetric (most work for the reader)

•  Algorithm: Elliptic curve (163 bits) instead of RSA (min 1024 bits)

•  Field Operation: Binary and not Prime fields: easier field operations

•  Projective coordinate system: (X, Y, Z) instead of (x,y): no field inversions

•  Special coordinate system: no need to store Y coordinates (Lopez-Dahab) and common Z (only one Z coordinate)

•  Minimize storage: Only 5 registers (with mult/add/square unit) or 6 registers (with mult/add-only unit) compared to 9+ registers before.
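The choices in the list above (binary field 2^163, projective X/Z coordinates with no Y, a single final inversion) combine in the x-only Montgomery ladder shown here, which can also start from a random Z as in the "random projective coordinates" countermeasure. This is an added Python example, not code from the talk or from the co-processor it describes; the K-163 field polynomial, b = 1 and the sample x-coordinate BASE_X are assumptions, and Python integers are not constant-time, so it illustrates the arithmetic and the uniform add-plus-double schedule only.

```python
# Added example. Assumed parameters, not taken from the slides.
import secrets

M = 163
POLY = (1 << 163) | (1 << 7) | (1 << 6) | (1 << 3) | 1  # assumed: NIST K-163 polynomial
BASE_X = 0x3A5F00D1C0FFEE1234567890ABCDEF0123456789  # constructed sample x(P)

def gf_mul(a, b):  # shift-and-xor multiply in GF(2^163), reduced by POLY
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> M:
            a ^= POLY
    return r

def gf_inv(a):  # Fermat inversion a^(2^M - 2); the only costly field operation
    r = 1
    for _ in range(M - 1):
        a = gf_mul(a, a)
        r = gf_mul(r, a)
    return r

def mdouble(X, Z, b=1):
    """x(2P) = (X^4 + b*Z^4) / (X^2 * Z^2); no Y coordinate needed (b = 1 assumed)."""
    X2, Z2 = gf_mul(X, X), gf_mul(Z, Z)
    return gf_mul(X2, X2) ^ gf_mul(b, gf_mul(Z2, Z2)), gf_mul(X2, Z2)

def madd(X1, Z1, X2, Z2, x):
    """x(P1+P2) given x = x(P2-P1), which is always the base point in the ladder."""
    A, B = gf_mul(X1, Z2), gf_mul(X2, Z1)
    Z3 = gf_mul(A ^ B, A ^ B)
    return gf_mul(x, Z3) ^ gf_mul(A, B), Z3

def ladder_x(k, x, rand_z=False):
    """x-coordinate of k*P for k >= 1: one madd plus one mdouble per scalar bit."""
    z = (secrets.randbits(M - 1) | 1) if rand_z else 1  # random projective Z
    X1, Z1 = gf_mul(x, z), z
    X2, Z2 = mdouble(X1, Z1)
    for i in range(k.bit_length() - 2, -1, -1):
        if (k >> i) & 1:
            X1, Z1 = madd(X1, Z1, X2, Z2, x)
            X2, Z2 = mdouble(X2, Z2)
        else:
            X2, Z2 = madd(X1, Z1, X2, Z2, x)
            X1, Z1 = mdouble(X1, Z1)
    return gf_mul(X1, gf_inv(Z1))  # single inversion converts back to affine x
```

Both branches of the loop execute the same pair of operations, and the result is independent of the random Z, which only changes the intermediate values a power trace would expose.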

[Figure labels: D Q, Vcc, CLK; CPU, MALU, MEM; JCA, Java, JVM; Cloning, Tracking; 8 bit uP, MEM; Montgomery ladder, Projective, Common Z coord; Scalable; Binary field 2^163, Elliptic curve; REG]

Address at all design abstraction levels!


Results

•  Results: ECC co-processor that can compute:
    –  ECC point multiplications (163 by 4)
    –  Scalar modular operations (8 bit processor with redundancy)
•  Schnorr (secure ID transfer, but no tracking protection): one PM
•  More advanced protocols: up to four PM on tag
•  14K gates, 79K cycles
•  At 500 KHz, corresponds to 30 microWatt and 158 msec
•  One point multiplication = 4.8 microJoule


1 microJoule

•  110000 bits KATAN
•  11000 bits AES encryption
•  1000 bits KECCAK hash
•  1/5 of one point multiplication

Still to add physical security …


Circuit level counter measure: WDDL

•  Standard cell based dynamic differential logic
•  Power consumption independent (in ideal case) of data processed

[Figure: WDDL gates. Labels: A, B, Y (each shown twice); AOI22X1, OAI22X1, INVX4; A0, A1, B0, B1, C0; OAI221X1, AOI221X1, INVX2]


Prototype IC – ThumbPodII

•  AES, controller, fingerprint processor.

[Figure labels: insecure single-ended; secure WDDL; differential route]

Area: factor 2.5
Power: factor 3 to 4!


1 microJoule

•  110000 bits KATAN
•  11000 bits AES encryption
•  2000 bits AES with WDDL
•  1000 bits KECCAK hash
•  1/5 of one point multiplication


Attacks vs. countermeasures

Countermeasures
•  Balanced PA/PD
•  Double-and-add-always
•  Montgomery Powering Ladder┴
•  Montgomery Powering Ladder┬
•  Random scalar split
•  Scalar randomization
•  Base point blinding
•  Random projective coordinates
•  Randomized EC isomorphism
•  Randomized field isomorphism
•  Point validity check
•  Curve integrity check
•  Coherence check

Passive SCA
•  Timing analysis
•  Simple power analysis
•  Differential power analysis
•  Template attack
•  Comparative SCA
•  Refined power analysis
•  Carry-base attack

Active SCA
•  M safe-error
•  C safe-error
•  Invalid points
•  Invalid curves
•  Twist curves
•  Sign-change attacks
•  Differential faults

Attackers need only a single successful attack to win.

[source: Junfeng Fan]


Attacks vs. countermeasures

√ : Effective   -- : Irrelevant   × : Attacked   H : helps the attack   ? : Unclear

Columns, Passive Attacks: (1) TA, (2) SPA, (3) Template, (4) DPA, (5) Comparative SCA, (6) RPA/ZPA, (7) Carry-based attack
Columns, Active Attacks: Safe-error: (8) M safe-error, (9) C safe-error; Weak curve: (10) Invalid point, (11) Invalid curve, (12) Twist curve; Differential: (13) Sign change, (14) Differential

Countermeasures                 1   2   3   4   5   6   7   8   9   10  11  12  13  14
Balanced PA/PD                  √   √   --  --  ?   --  --  --  --  --  --  --  --  --
Double-and-add-always           √   √   --  --  ×   --  --  --  ×H  --  --  --  --  --
Montgomery Powering Ladder┴     √   √   --  --  ×   ×   --  √   √   --  --  H   √   --
Montgomery Powering Ladder┬     √   √   --  --  ×   ×   --  √   √   --  --  √   --  --
Random scalar split             --  --  ?   √   ?   √   ×   --  ?   --  --  √   ?   ?
Scalar randomization            --  --  ×   ×   ×   √   ×   --  ?   --  --  --  ?   ?
Base point blinding             --  --  ×   ×   ×   √   --  --  --  ?   --  --  --  ?
Random projective coordinates   --  --  √   √   ?   ×   --  --  --  --  --  --  --  ?
Randomized EC isomorphism       --  --  ?   √   ?   ×   --  --  --  --  --  --  --  ?
Randomized field isomorphism    --  --  ?   √   ?   ×   --  --  --  --  --  --  --  ?
Point validity check            --  --  --  --  --  --  --  --  H   √   ?   √   H   √
Curve integrity check           --  --  --  --  --  --  --  --  --  ?   √   --  --  --
Coherence check                 --  --  --  --  --  --  --  --  H   --  ?   --  √   √

[source: Junfeng Fan]


Conclusion: 1 microJoule

•  110000 bits KATAN
•  11000 bits AES
•  2000 bits AES with WDDL
•  1000 bits Keccak hash
•  1/5 of one point multiplication
•  1/10 of one point mult WITH randomization
•  100% overhead for physical security…

And remember: low power is NOT low energy