Power and EM Side-Channel-Attack-Resilient AES-128 Core with Round-Aligned Globally-Synchronous-Locally-Asynchronous Operation Based on Tunable Replica Circuits.

Cryptographic hardware modules, by exhibiting unique power and EM signatures, are vulnerable to Side Channel Attacks (SCAs) revealing secret keys. Prior countermeasures based on power port [1] –[4] and masking [5] incur significant area and power overheads or are often not amenable to scaling and ASIC flow integration. Prior work on clock port randomization [6] can cause SoC timing verification and integration challenges. Prior asynchronous AES implementations [7] rely on dual-rail completion detection and round-key-unwrap, which are expensive in area/power. Readily adoptable designs exhibiting unique power and EM signatures need to work with system CLKNCC and maintain synchronicity with expected dataflow at higher levels of abstraction. However, defense-aware attacks such as trace-realignment align/average based on global CLK. This may be mitigated from intra-cycle time-dithering and randomized operation scheduling within the clock boundary. This work presents a Round-Aligned Globally-Synchronous-Locally-Asynchronous (RA-GSLA) architecture using Tunable Replica Circuits (TRCs) and stochastic parallel/serial module activity within one clock cycle as a countermeasure against Power/EM SCA. The key design attributes (Fig. 16.7.1(a)) are: (i) maintaining round integrity and synchronous operation at the clock boundary while performing intra-cycle asynchronous SCA-critical operations (Fig. 16.7.1(b)), (ii) TRC-based completion detection scheme and randomized fire timing incurring low power/area overhead, (iii) randomized sequencing and intra-round serial/parallel/null operation of security-critical modules, enabling greater/less than exactly one operation per module per round, improving SC entropy, (iv) timing and dataflow randomization for computations and register updates, (v) compatibility with any AES version (128/192/256) using external synchronous key-schedule, and (vi) fully synthesizable, all-digital, single supply and technology scaling-friendly design, without using any analog components.