Efficient FPGA Implementation of Dual-Rail Countermeasures using Stochastic Models

Dual-rail precharge logic (DPL) is a data hiding countermeasure against side channel attacks (SCA). Many variants of DPL have been introduced in the literature which target ASICs, FPGAs and microcontroller. A common problem which leads to failure of DPL on FPGA is imbalanced routing. FPGA designers have limited control over the FPGA placement and routing tools and therefore symmetrically routing a DPL design in FPGA is very difficult. Some FPGA tools like Xilinx ISE give the option to manually route the wires but for complex cryptographic circuits the number of wires are quite high which makes manual routing of every wire impractical. In this article, we briefly discuss methods which could reduce routing imbalance in dual-rail circuits when implemented in FPGAs. Nevertheless some imbalance is always present. Next we show how side channel tools can come handy to a designer in precisely estimating different aspects of leakage in the side channel. We compare template attacks, stochastic models and mutual information analysis in the given context. Results show that stochastic models are the most appropriate evaluation tool in this context and provide information on the leakage sources. Once this information is known, the leakage sources can be manually balanced.