Towards efficient and automated side-channel evaluations at design time

REGULAR PAPER

Danilo Šijačić¹ · Josep Balasch¹ · Bohan Yang¹ · Santosh Ghosh² · Ingrid Verbauwhede¹

Received: 31 January 2019 / Accepted: 26 May 2020 © Springer-Verlag GmbH Germany, part of Springer Nature 2020

Abstract

Models and tools developed by the semiconductor community have matured over decades of use. As a result, hardware simulations can yield highly accurate and easily automated pre-silicon estimates for, e.g., timing and area figures. In this work, we design, implement, and evaluate CASCADE, a framework that combines a largely automated full-stack standard cell design flow with the state-of-the-art techniques for side-channel analysis. We show how it can be used to efficiently evaluate side-channel leakage prior to chip manufacturing. Moreover, it is independent of the underlying countermeasure and it can be applied starting from the earliest stages of the design flow. Additionally, we provide experimental validation through assessment of the side-channel security of representative cryptographic circuits. We discuss aspects related to the performance, scalability, and utility to the designers. In particular, we show that CASCADE can evaluate information leakage with 1 million simulated traces in less than 4 h using a single desktop workstation, for a design larger than 100 kGE.

Keywords: Side-channel analysis · ASIC · Hardware simulation · Design time methodology

This work was supported in part by the European Commission through Horizon 2020 research and innovation programmes under the Marie Skłodowska-Curie Grant 643161 and Cathedral ERC Advanced Grant 695305; by the Research Council KU Leuven C1 on Security and Privacy for Cyber-Physical Systems and the Internet of Things with contract number C16/15/058; and by Intel Corporation.

¹ imec-COSIC, KU Leuven, Belgium
² Intel Labs, Intel Corporation, Hillsboro, OR, USA

1 Introduction

Side-channel analysis (SCA), introduced by Kocher et al. [19,20], is acknowledged as a major threat to cryptographic implementations. Unlike conventional cryptanalysis techniques that stem from mathematics, SCA leverages information that leaks through inherent physical channels. These physical magnitudes carry information about the values and operations internally processed by a circuit, including cryptographic keys. The most prominent exploitable physical side channels include timing [19], power consumption [20], and electromagnetic emissions [12]. Seminal simple power analysis (SPA) and differential power analysis (DPA) [20] attacks were soon followed by techniques such as correlation power analysis (CPA) [6] or mutual information analysis (MIA) [14]. These attacks have been used to break security features of commercial devices [2,10,26]. In parallel with this,