RSA-4096 with a Comparison of Real and Simulated Side-Channel Attacks

Today, designing cryptographic hardware and embedded systems requires much more attention due to the wide range of practical side-channel attacksa. The processors that are responsible to perform the operations defined in cryptographic algorithms should also be resistant to these kinds of side-channel-attacks as well as being efficient in terms of area, performance and latency. To improve the hardware security, countermeasures against side-channel-attacksb should be investigated from an algorithmic level to an architectural design level in cryptographic implementations. These countermeasures are often tested using simulated timing information and power traces via software tools. In this project, we first develop and implement an algorithm for 4096-bit RSA using Montgomery modular multiplication with countermeasures against side-channel attacks built into the algorithm. Then, we examine the accuracy of these simulated side-channels on real power traces and timing information obtained from the actual FPGA on which the algorithm has been implemented in order to assess the accuracy of the simulated attacks. Our aim is to improve the hardware security to make the system durable to sidechannel-attacks. Due to the variety of system requirementsc, cost, computational performance and protecting against side-channel-attacks are all important design considerations. Through the proposed design techniques, which accommodate countermeasures against side-channels, security of the cryptosystem is improved in the hardware level. aTiming, power and electromagnetic channels are widely studied and allow practical attacks to break the cryptosystem. Acoustic cryptanalysis, differential fault analysis, data remanence and branch prediction attacks are also important in side-channel analysis bInitially, we consider timing and power attacks. Then, we may expand the study with the analysis of other side-channels if time permits. cSome of the applications require high-performance while some of them have constrained resources and requires fairly low throughput values. There are also a class of applications requiring both the performance and low-resource utilization at the same time.