# An Evaluation of Power Side-Channel Resistance for RNS Secure Logic


## Abstract


## 1. Introduction

#### 1.1. Related Work

#### 1.2. Proposed Approach

#### 1.3. Motivation

#### 1.4. Paper Organization

## 2. Basic Principles

#### Switching Uniformity

**Theorem 1.**

**Proof.**

**Theorem 2.**

**Theorem 3.** Suppose that $\mho \subset \mathbb{M}$, where all the elements are pairwise co-prime. Let ${Z}_{{m}_{1}}$, ${Z}_{{m}_{2}}$, …, ${Z}_{{m}_{k}}$ be integers $\in \mho$. Then the system of congruences $z \equiv {Z}_{{m}_{i}} \pmod{{m}_{i}}$ for $1 \le i \le k$ has a unique solution modulo $M = {m}_{1} \times {m}_{2} \times \cdots \times {m}_{k}$, which is given by:

**Proof.**

**Definition 1.** **(2,k,n) threshold secret sharing scheme:** Let n be an integer, $n \ge 3$, and $3 \le k \le n$. A $(2,k,n)$-threshold secret sharing scheme is a method for generating shares for x as $P = \{{X}_{{m}_{1}}, {X}_{{m}_{2}}, \ldots, {X}_{{m}_{n}}\}$ such that

- For any $A \subset P$ such that $\left|A\right| < 2$, learning the element x should be difficult.
- For any $A \subset P$ such that $\left|A\right| = 2$, reconstruction of element x is possible, given that $\gcd({m}_{i}, {m}_{j}) = 1$.
- For any $A \subset P$ such that $\left|A\right| \ge k$, reconstruction of the element x becomes easier, given that the moduli of the set $\{{X}_{{m}_{i}} \mid i \in A\}$ are relatively prime.
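The following is an added example, not code from the paper: it implements the CRT reconstruction of Theorem 3 and the residue-share construction of Definition 1, where the shares of x are its residues ${X}_{{m}_{i}} = x \bmod {m}_{i}$ over pairwise co-prime moduli. The moduli set (7, 11, 13) and the secret 50 are constructed sample values; the paper's own modulus choices and its exact share-generation function are not reproduced here. The `candidates` helper shows why a single share reveals little: it enumerates every value consistent with that share, while any two shares (co-prime moduli, secret below their product) pin the value down.

```python
"""Added example (not from the paper): CRT reconstruction (Theorem 3) and
(2,k,n) residue shares (Definition 1). Moduli and secret are constructed samples."""
from math import gcd, prod
from itertools import combinations


def crt(residues, moduli):
    """Solve z = r_i (mod m_i) for pairwise co-prime moduli; return (z, M)."""
    if len(residues) != len(moduli):
        raise ValueError("residues and moduli must have the same length")
    for a, b in combinations(moduli, 2):
        if gcd(a, b) != 1:
            raise ValueError(f"moduli {a} and {b} are not co-prime")
    M = prod(moduli)
    z = 0
    for r, m in zip(residues, moduli):
        Mi = M // m
        # Mi has an inverse mod m because gcd(Mi, m) = 1 (pairwise co-prime moduli)
        z += r * Mi * pow(Mi, -1, m)
    return z % M, M


def make_shares(x, moduli):
    """Definition 1's share set P: one residue X_{m_i} = x mod m_i per modulus."""
    return {m: x % m for m in moduli}


def reconstruct(shares):
    """Combine any subset A of shares with the CRT; returns (x mod M_A, M_A)."""
    moduli = list(shares)
    return crt([shares[m] for m in moduli], moduli)


def candidates(shares, bound):
    """Every value in [0, bound) consistent with the given shares.

    With |A| = 1 this is bound / m values (the share leaks little); with |A| >= 2
    and bound <= product of the moduli it collapses to the single true value."""
    z, M = reconstruct(shares)
    return list(range(z, bound, M))


if __name__ == "__main__":
    moduli = (7, 11, 13)          # constructed pairwise co-prime moduli
    secret = 50                   # constructed secret, below 7 * 11 = 77
    shares = make_shares(secret, moduli)
    print("shares:", shares)
    print("one share leaves", len(candidates({7: shares[7]}, 77)), "candidates")
    print("two shares give", candidates({7: shares[7], 11: shares[11]}, 77))
    print("all shares give", reconstruct(shares))
```

Reconstruction from two shares works only when the secret is smaller than the product of their moduli, which is the condition under which Definition 1's second bullet applies; the `crt` function enforces the pairwise co-primality that the theorem assumes and rejects moduli that violate it.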

## 3. RNS Logic Resilience Characteristics

**Definition 2.** **Masking:** An intermediate value v masked with r results in a masked value ${v}_{r} = f(v, r)$ which is independent of v. The intermediate value is said to be masked if the power consumption of ${v}_{r}$ is independent of v.
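As an added example that is not part of the paper, the check below tests Definition 2 under an assumed Hamming-weight power model: for each intermediate v it builds the distribution of $HW(f(v, r))$ over a uniform mask r, and declares v masked under that model only when the distribution is the same for every v. The masking functions tried (XOR masking, additive masking modulo $2^{bits}$, a single-bit mask, and an unmasked pass-through) are generic illustrations chosen here, not the paper's RNS masking function.

```python
"""Added example (not from the paper): Definition 2 under a Hamming-weight leakage
model. The masking functions below are generic illustrations, not the paper's RNS scheme."""
from collections import Counter


def hw(x):
    """Hamming weight, the usual first-order power model for a register write."""
    return bin(x).count("1")


def leakage_profile(f, v, bits):
    """Distribution of HW(f(v, r)) when the mask r is uniform over [0, 2^bits)."""
    return Counter(hw(f(v, r)) for r in range(1 << bits))


def distinct_profiles(f, bits):
    """Number of different leakage distributions across all v in [0, 2^bits)."""
    seen = {tuple(sorted(leakage_profile(f, v, bits).items()))
            for v in range(1 << bits)}
    return len(seen)


def is_masked(f, bits):
    """Definition 2 under the HW model: leakage of v_r must not depend on v."""
    return distinct_profiles(f, bits) == 1


# Candidate masking functions f(v, r); all are constructed examples.
def xor_mask(v, r):
    return v ^ r


def add_mask(v, r, bits=4):
    return (v + r) % (1 << bits)


def one_bit_mask(v, r):
    # only the lowest bit is randomised: most of v leaks unchanged
    return v ^ (r & 1)


def passthrough(v, r):
    # no masking at all: v_r = v
    return v


if __name__ == "__main__":
    for name, f in [("xor", xor_mask), ("add", add_mask),
                    ("one-bit", one_bit_mask), ("none", passthrough)]:
        print(f"{name:8s} masked={is_masked(f, 4)} "
              f"distinct profiles={distinct_profiles(f, 4)}")
```

The profile comparison is exact rather than statistical because it enumerates every mask value; in a measurement setting the same idea becomes a test of whether the observed power distributions differ between classes of v, which is what the paper's symmetry and KL-divergence figures quantify.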

#### 3.1. Symmetry Property

#### 3.2. Symmetry in a Software Implementation of RNS

#### 3.3. Multi-Lane Computation

## 4. Power Side-Channel Adversary

**Definition 3.**

## 5. Results

#### 5.1. Modular Multiplication

#### 5.2. FPGA Evaluation

## 6. Conclusions

## Author Contributions

## Funding

## Informed Consent Statement

## Data Availability Statement

## Conflicts of Interest

## Abbreviations

Abbreviation | Expansion
---|---
RNS | Residue Number System
ML | Machine Learning
AES | Advanced Encryption Standard
SCA | Side-Channel Attack
DPA | Differential Power Analysis
HO-SCA | Higher-Order Side-Channel Attack
SABL | Sense Amplifier Based Logic
WDDL | Wave Dynamic Differential Logic
LDA | Linear Discriminant Analysis
QDA | Quadratic Discriminant Analysis
NB | Naive Bayes
KL divergence | Kullback–Leibler divergence
CRT | Chinese Remainder Theorem
CPA | Correlation Power Analysis
FPGA | Field Programmable Gate Array
IoT | Internet of Things
GE | Gate Equivalence


x | r | ${\mathit{X}}_{{\mathit{m}}_{1}}$ | ${\mathit{X}}_{{\mathit{m}}_{2}}$ |
---|---|---|---|

Classifier | Success Rate (l = 3) | Success Rate (l = 4) | Success Rate (l = 5)
---|---|---|---
LDA | 50.05% | 51.39% | 50.57%
QDA | 52.08% | 50.89% | 50.68%
Naive Bayes | 62.50% | 47.96% | 47.92%
Symmetry | 0.80 | 0.91 | 0.99
KL divergence ($D{L}_{max}$) | 0.1165 | 0.0227 | 0.00634

Transition | RNS Secure Circuit Power ($\mu$W) | RNS Secure Circuit Peak Current (mA) | Random Renewal Scheme Power ($\mu$W) | Random Renewal Scheme Peak Current (mA) | Random Renewal with t-Private Power ($\mu$W) | Random Renewal with t-Private Peak Current (mA)
---|---|---|---|---|---|---
0 → 0 | 103.06 | 1.04 | 799.81 | 2.616 | 1112.56 | 4.505
0 → 1 | 101.49 | 0.88 | 798.86 | 2.595 | 1114.35 | 4.511
1 → 0 | 102.25 | 0.65 | 799.30 | 2.610 | 1107.93 | 4.507
1 → 1 | 103.65 | 0.65 | 798.21 | 2.586 | 1109.50 | 4.508
Average ($\mu$) | 102.618 | 0.862 | 799.05 | 2.602 | 1111.12 | 4.508
Standard Deviation ($\sigma$) | 0.945 | 0.158 | 0.0058 | 0.0120 | 0.00026 | 0.0022
Coefficient of Variation ($\frac{\sigma}{\mu}$) | 0.0092 | 0.1835 | 0.00007 | 0.0004 | 0.000023 | 0.00049
KL Divergence ($D{L}_{max}$) | - | 4.539 | - | 1.8409 | - | 0.7312

Transition | RNS Secure Circuit Power ($\mu$W) | RNS Secure Circuit Peak Current (mA) | Random Renewal Scheme Power ($\mu$W) | Random Renewal Scheme Peak Current (mA) | Random Renewal with t-Private Power ($\mu$W) | Random Renewal with t-Private Peak Current (mA)
---|---|---|---|---|---|---
0 → 0 | 102.78 | 0.92 | 799.80 | 2.620 | 1113.70 | 4.517
0 → 1 | 102.00 | 1.05 | 798.86 | 2.618 | 1115.00 | 4.525
1 → 0 | 102.07 | 1.03 | 799.29 | 2.616 | 1109.80 | 4.515
1 → 1 | 104.90 | 0.77 | 798.21 | 2.617 | 1110.70 | 4.516
Average ($\mu$) | 102.93 | 0.947 | 799.04 | 2.618 | 1112.30 | 4.518
Standard Deviation ($\sigma$) | 1.351 | 0.128 | 0.0058 | 0.0015 | 0.0002 | 0.00401
Coefficient of Variation ($\frac{\sigma}{\mu}$) | 0.0131 | 0.1348 | 0.00007 | 0.00057 | 0.000017 | 0.00088
KL Divergence ($D{L}_{max}$) | - | 1.212 | - | 0.1620 | - | 0.0688

**Table 5.** Success rate on t-private, base RNS, random renewal, and random renewal with t-private, with a single shared random variable.

Classifier | t-Private | RNS Secure Circuit | Random Renewal Scheme | Random Renewal with t-Private
---|---|---|---|---
LDA | 36.9% | 25.28% | 25.05% | 30.80%
QDA | 31.4% | 25.55% | 25.57% | 35.71%
Naive Bayes | 40.3% | 27.64% | 24.74% | 23.49%

Transition | Montgomery Modular Multiplication Power ($\mu$W) | Montgomery Modular Multiplication Peak Current (mA) | Arithmetic Modular Multiplication Power ($\mu$W) | Arithmetic Modular Multiplication Peak Current (mA)
---|---|---|---|---
0 → 0 | 1616.91 | 4.9815 | 2224.20 | 6.8296
0 → 1 | 1613.20 | 4.9711 | 2224.10 | 6.8305
1 → 0 | 1614.90 | 4.9759 | 2224.50 | 6.8315
1 → 1 | 1611.21 | 4.9642 | 2224.50 | 6.8314
Average ($\mu$) | 1614.06 | 4.9732 | 2224.33 | 6.8307
Standard Deviation ($\sigma$) | 2.10298 | 0.007359 | 0.178536 | 0.000769
Coefficient of Variation ($\frac{\sigma}{\mu}$) | 0.00130 | 0.00147 | 0.00008023 | 0.00112
KL divergence ($D{L}_{max}$) | - | 0.0204 | - | 0.0024

Classifier | Montgomery | Arithmetic
---|---|---
LDA | 36.64% | 33.72%
QDA | 37.04% | 35.77%
Naive Bayes | 19.48% | 22.78%

Implementation | Slice Registers | Slice LUTs | Slices Occupied
---|---|---|---
AES encryption | 1002 | 3208 | 998
AES—RNS circuit Mod3 | 1437 | 7089 | 1971
AES—RNS circuit Mod4 | 1437 | 7158 | 1994
AES—RNS circuit Mod5 | 1437 | 7913 | 2098
Total Resources (Mod3 + Mod4 + Mod5) | 4311 | 22,160 | 6063

Parameter | Length/Size
---|---
AES plaintext size | 128 bit
AES secret key size | 128 bit
AES plaintext residue share size | 384 bit
AES secret key residue share size | 384 bit
Size of residue share per bit (l) | 3 bit
Modulus values | 3 bit
Data recorded | 100,000
Training dataset | 80,000
Test dataset | 20,000


© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Selvam, R.; Tyagi, A.
An Evaluation of Power Side-Channel Resistance for RNS Secure Logic. *Sensors* **2022**, *22*, 2242.
https://doi.org/10.3390/s22062242
