Dual-Hiding Side-Channel-Attack Resistant FPGA-Based Asynchronous-Logic AES: Design, Countermeasures and Evaluation

We present a side-channel-attack (SCA) resistant asynchronous-logic (async-logic) Advanced Encryption Standard (AES) accelerator with dual-hiding SCA countermeasures, i.e. the amplitude moderation (vertical dimension) and the time moderation (horizontal dimension). There are five contributions in this paper. First, we propose an async-logic design flow with relative timing to simplify the AES realization in Field-Programmable-Gate-Array (FPGA). Second, we optimize completion detection circuits therein to achieve a low power/overhead solution. Third, we propose a randomized delay-line control and a data-propagation control to amplify the dual-hiding SCA countermeasures for our async-logic AES accelerator. Fourth, we validate the async-logic design flow based on two commercially-available Sakura-X and Arty-A7 FPGA boards. Fifth, we comprehensively evaluate 74 SCA attacking models for our async-logic AES accelerator on these two boards, and compare the results against a benchmarking AES based on synchronous-logic (sync-logic). We show that our async-logic AES accelerator is unbreakable within 1 million electromagnetic (EM) traces where the sync-logic counterpart is breakable within < 30K EM traces. To our best knowledge, our async-logic AES accelerator is the first async-logic AES design evaluated comprehensively at the first/last round, at various attacking locations (i.e. before/after Substitute-Box), and with various Hamming weight/distance, bit model, and zero-model of SCAs.