A Comprehensive FPGA-Based Assessment on Fault-Resistant AES against Correlation Power Analysis Attack

The secret key used in a cryptosystem can be retrieved by physical attacks such as side-channel analysis (SCA) and fault analysis (FA) attacks. Traditionally, countermeasures for different physical attacks are developed in a separate fashion. To lay a solid foundation for countermeasure development for the emerging combined attacks, it is imperative to thoroughly study how the countermeasure for one attack affects the efficiency of other attack. In this work, we use a FPGA-based platform to investigate whether and how the FA countermeasure can influence the efficiency of the correlation power analysis (CPA) attack. Unlike the previous work using simulations on the S-Box only, our assessments are based on the FPGA emulation of the entire AES. In addition to considering different error detection codes, we compare the key retrieval speed of the CPA attack in the scenarios of using different power models, redundancy types for fault detection, modules under fault protection, and practical FPGA synthesis optimization. Furthermore, we propose a new countermeasure that integrates dynamic masking and error deflection to simultaneously thwart CPA and FA attacks. Experimental results show that for 100,000 power traces, our method successfully prevents the key leakage while other methods leak at least five AES subkey bytes. Meanwhile, our simulation also confirms that the proposed method reduces the success rate of FA attacks by up to 90 % over the other methods.