
[aes] Potential minor PRNG-related modifications for production #21167

Closed
vogelpi opened this issue Feb 2, 2024 · 1 comment · Fixed by #22844
Assignees: vogelpi
Labels: Component:Security, Earlgrey-PROD Candidate (Temporary label to triage issues into Earlgrey-PROD Milestones), IP:aes

Comments

@vogelpi
Contributor

vogelpi commented Feb 2, 2024

Description

Following the big PRNG change in #20852, there are some minor changes that we might want to implement, also based on the penetration testing results:

  • The 8-bit buffers for the PRD input inside the DOM S-Boxes should be moved up in the hierarchy. Ideally it's placed inside the aes_cipher_core.sv module. This doesn't change SCA properties but it simplifies control. This further allows taking the randomness for masking the initial state input from the buffers rather than from the PRNG directly (might be glitchy). This should have a beneficial impact on SCA hardening (to be evaluated on FPGA).
  • The PRNG should be advanced in every cycle (but not the FF-based buffers of course) to increase the noise level. This needs the change above.

This won't have a noticeable timing or area impact. I'm thus putting it in M3.
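The two proposals above, sketched as an added hypothetical SystemVerilog module that is not OpenTitan's code: a free-running stand-in PRNG (a 16-bit Fibonacci LFSR, assumed here in place of the real masking PRNG) advances every cycle, while an 8-bit PRD buffer located at the cipher-core level, outside the S-Box, only captures a new value when control asserts the assumed `prd_load_i`; the S-Box masking logic sees only the registered buffer, never the combinational PRNG next-state.

```systemverilog
// Hypothetical illustration (not OpenTitan code): the masking PRNG runs every
// cycle, but the PRD reaching the DOM S-Boxes comes from a flop-based buffer
// at the cipher-core level that is only loaded when fresh randomness is consumed.
module prd_buffer_example #(
  parameter int unsigned Width = 8      // one 8-bit PRD word per S-Box instance
) (
  input  logic             clk_i,
  input  logic             rst_ni,
  input  logic             prd_load_i,     // cipher control: capture fresh PRD (assumed name)
  output logic [Width-1:0] prd_buffered_o  // feeds DOM S-Box / initial-state masking
);

  // Stand-in PRNG: 16-bit Fibonacci LFSR, polynomial x^16 + x^14 + x^13 + x^11 + 1.
  // It advances on every clock regardless of prd_load_i, raising the noise floor
  // even in cycles where no S-Box evaluation takes place.
  logic [15:0] lfsr_q, lfsr_d;
  assign lfsr_d = {lfsr_q[14:0], lfsr_q[15] ^ lfsr_q[13] ^ lfsr_q[12] ^ lfsr_q[10]};

  always_ff @(posedge clk_i or negedge rst_ni) begin
    if (!rst_ni) lfsr_q <= 16'hACE1;  // constructed non-zero seed; a real design reseeds from entropy
    else         lfsr_q <= lfsr_d;
  end

  // The buffer lives in the cipher core rather than inside each S-Box. Only the
  // registered value reaches the masking logic; the combinational update path
  // (lfsr_d) is never tapped, so glitches in the PRNG logic cannot leak into shares.
  logic [Width-1:0] prd_buf_q;
  always_ff @(posedge clk_i or negedge rst_ni) begin
    if (!rst_ni)         prd_buf_q <= '0;
    else if (prd_load_i) prd_buf_q <= lfsr_q[Width-1:0];
  end

  assign prd_buffered_o = prd_buf_q;

endmodule
```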

@vogelpi vogelpi added Component:Security IP:aes Earlgrey-PROD Candidate Temporary label to triage issues into Earlgrey-PROD Milestones labels Feb 2, 2024
@vogelpi vogelpi added this to the Earlgrey-PROD.M3 milestone Feb 2, 2024
@vogelpi vogelpi self-assigned this Feb 2, 2024
This was referenced Feb 22, 2024
@matutem matutem changed the title [aes] Potential minor PRNG-related modifcations for production [aes] Potential minor PRNG-related modifications for production Mar 29, 2024
@andreaskurth
Contributor

PR #22844, which will resolve this, is currently under review.
