A Highly Secure FPGA-Based Dual-Hiding Asynchronous-Logic AES Accelerator Against Side-Channel Attacks

Encryption in field-programmable gate array (FPGA) often provides a good security solution to protect data privacy in Internet-of-Things systems, but this security solution can be compromised by side-channel attacks (SCAs). In this article, we present an FPGA-based dual-hiding asynchronous-logic (async-logic) advanced encryption standard (AES) accelerator, which is highly resistant against SCAs and yet low area/energy overheads. The proposed AES accelerator achieves vertical (amplitude) SCA hiding via an area-efficient dual-rail mapping approach and a zero-value (ZV) compensated substitution-box (S-Box), while enhancing the horizontal (temporal) SCA hiding of async-logic operations via a timing-boundary-free input arrival-time randomizer and a skewed-delay controller. A comprehensive SCA evaluation is performed with 11 SCA models, and we show that our proposed design can offer a strong SCA resistance with measurement-to-disclosure (MTD) of >20 million traces. To our best knowledge, our design is the most secure AES design evaluated with the largest number of traces in FPGA. To compare the design overheads for security, we quantify the figure of merit as normalized (Area $\times $ Energy/MTD(All) $\times 10^{6}$ ). The figure of merit of our proposed design is $403\times $ smaller than the benchmark dual-rail synchronous-logic design and $95\times $ smaller than a reported async-logic design.