A Digital Cascoded Signature Attenuation Countermeasure with Intelligent Malicious Voltage Drop Attack Detector for EM/Power SCA Resilient Parallel AES-256

Computationally secure cryptographic algorithm leaks meaningful side-channel information which can be exploited to extract confidential data. Circuit level countermeasures against power/ EM side channel attack (SCA) like current equalizer [1], series LDO with randomization [2], integrated buck regulator (IBR) [3] had been demonstrated recently providing moderate security (~10M) against Correlational Power/EM attack (CPA/CEMA). Current domain signature attenuation (CDSA) [4] achieved >1B minimum-traces-to-disclosure (MTD) with a single analog technique. Randomized non-linear LDO cascaded with arithmetic countermeasure achieves similar security [5], albeit with combination of two techniques. A process-scalable version of [4] achieved ~250M MTD [6] with bleed-RO randomization, and ~20M MTD without it [7]. Cascading this solution with TVTF [6] provided highest security till date. On the other hand, digital friendly NL-DLDO suffers from higher overhead. Arithmetic countermeasure is fully synthesizable, but algorithm specific, cannot be easily ported to another encryption algorithm. In [6], the digital friendly current source (CS) brings the benefit of signature attenuation in digital domain, however, lacks the high attenuation and MTD from Analog Cascode CS in [4]. Most importantly, a dedicated attack on the state-of-the-art (SoA) countermeasures is still left unexplored. This work for the first time explores the possibility of an attack on signature attenuation hardwares using malicious reduction of voltage and utilizes an intelligent attack detector circuit to detect such attacks and adapt to it to guarantee the efficacy of such signature attenuation-based countermeasures. Moreover, an improved digital-friendly cascoded CS is implemented achieving the highest signature attenuation with digital-friendly technique till date, i.e. a ~10x improvement without RO-bleed randomization. A detailed progress of countermeasure along with motivation is presented in Fig. 1. The 65nm CMOS test chip (side figure) consists of a parallel AES-256 encryption engine along with an Intelligent Digital Cascoded Signature Attenuation Circuit (i-DCSAC) as countermeasure and malicious attack detector.