Abstract
For many years EM Side-Channel Attacks, which exploit the statistical link between the magnetic field radiated by secure ICs and the data they process, are a critical threat. Indeed, attackers need to find only one hotspot (position of the EM probe over the IC surface) where there is an exploitable leakage to compromise the security of the IC and its data. As a result, designing secure ICs robust against these attacks is incredibly difficult because designers must ensure there is no exploitable hotspot over the whole IC surface. This task is all the more difficult as there is no CAD tool to compute the magnetic field radiated by ICs and hence no methodology to detect hotspots at the design stages. In addition, simulations are noise-free and that makes correlation maps useless in identifying potential hotspots. Within this context, this paper introduces a flow allowing predicting the EM radiations of ICs as well as two different methodologies to disclose coordinates of an IC where an attacker can break the security. The first one aims at identifying and quantifying the potential risks of EM hotspots at the surface of ICs, i.e. positions where to place an EM probe to capture a leakage. The second aims at locating leakage hotspots in ICs, i.e. areas in circuits from where these leakages originate.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Artusi, R., Verderio, P., Marubini, E.: Bravais-pearson and spearman correlation coefficients: meaning, test of hypothesis and confidence interval. Int. J. Biol. Mark. 17(2), 148–151 (2002). https://doi.org/10.1177/172460080201700213. pMID: 12113584
Bobko, P.: Correlation and Regression: Applications for Industrial Organizational Psychology and Management, 2nd edn. Sage Publications, Thousand Oaks (2001)
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2
Diop, I., Carbone, M., Ordas, S., Linge, Y., Liardet, P.Y., Maurine, P.: Collision for estimating SCA measurement quality and related applications. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 143–157. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_9
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_21
Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_27
He, M.T., Park, J., Nahiyan, A., Vassilev, A., Jin, Y., Tehranipoor, M.M.: RTL-PSC: automated power side-channel leakage assessment at register-transfer level. CoRR abs/1901.05909 (2019). arXiv:1901.05909
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Kumar, A., Scarborough, C., Yilmaz, A., Orshansky, M.: Efficient simulation of EM side-channel attack resilience. In: Parameswaran, S. (ed.) 2017 IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2017, Irvine, CA, USA, 13–16 November 2017, pp. 123–130. IEEE (2017). https://doi.org/10.1109/ICCAD.2017.8203769
Lomné, V., Maurine, P., Torres, L., Ordas, T., Lisart, M., Toublanc, J.: Modeling time domain magnetic emissions of ICs. In: van Leuken, R., Sicard, G. (eds.) PATMOS 2010. LNCS, vol. 6448, pp. 238–249. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-17752-1_24
Menichelli, F., Menicocci, R., Olivieri, M., Trifiletti, A.: High-level side-channel attack modeling and simulation for security-critical systems on chips. IEEE Trans. Dependable Secur. Comput. 5(3), 164–176 (2008). https://doi.org/10.1109/TDSC.2007.70234
Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44499-8_19
Nahiyan, A., et al.: SCRIPT: a CAD framework for power side-channel vulnerability assessment using information flow tracking and pattern generation. ACM Trans. Design Autom. Electron. Syst. 25(3), 26:1–26:27 (2020). https://doi.org/10.1145/3383445
Ordas, T., Lisart, M., Sicard, E., Maurine, P., Torres, L.: Near-field mapping system to scan in time domain the magnetic emissions of integrated circuits. In: Svensson, L., Monteiro, J. (eds.) PATMOS 2008. LNCS, vol. 5349, pp. 229–236. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-540-95948-9_23
Regazzoni, F., et al.: A simulation-based methodology for evaluating the dpa-resistance of cryptographic functional units with application to CMOS and MCML technologies. In: Blume, H., Gaydadjiev, G., Glossner, C.J., Knijnenburg, P.M.W. (eds.) Proceedings of the 2007 International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation (IC-SAMOS 2007), Samos, Greece, 16–19 July 2007, pp. 209–214. IEEE (2007). https://doi.org/10.1109/ICSAMOS.2007.4285753
Regazzoni, F., et al.: A design flow and evaluation framework for DPA-resistant instruction set extensions. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 205–219. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_15
Sijacic, D., Balasch, J., Yang, B., Ghosh, S., Verbauwhede, I.: Towards efficient and automated side channel evaluations at design time. In: Batina, L., Kühne, U., Mentens, N. (eds.) PROOFS 2018, 7th International Workshop on Security Proofs for Embedded Systems, colocated with CHES 2018, Amsterdam, The Netherlands, 13 September 2018. Kalpa Publications in Computing, vol. 7, pp. 16–31. EasyChair (2018). http://www.easychair.org/publications/paper/xPnF
Specht, R., Heyszl, J., Sigl, G.: Investigating measurement methods for high-resolution electromagnetic field side-channel analysis. In: 2014 International Symposium on Integrated Circuits (ISIC), Singapore, 10–12 December 2014, pp. 21–24. IEEE (2014). https://doi.org/10.1109/ISICIR.2014.7029532
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_26
Tiri, K., Verbauwhede, I.: A digital design flow for secure integrated circuits. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 25(7), 1197–1208 (2006). https://doi.org/10.1109/TCAD.2005.855939
Vasselle, A., Maurine, P., Cozzi, M.: Breaking mobile firmware encryption through near-field side-channel analysis. In: Chang, C., Rührmair, U., Holcomb, D.E., Schaumont, P. (eds.) Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2019, London, UK, 15 November 2019, pp. 23–32. ACM (2019). https://doi.org/10.1145/3338508.3359571
Wei, L., Luo, B., Li, Y., Liu, Y., Xu, Q.: I know what you see: power side-channel attack on convolutional neural network accelerators. In: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, San Juan, PR, USA, 03–07 December 2018, pp. 393–406. ACM (2018). https://doi.org/10.1145/3274694.3274696
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
A Appendix
A Appendix
Equation 12 is obtained knowing that the SNR is defined as the ratio between the signal and noise variances. V(S) is computed starting from simulated traces and \(V(\eta )\) is given by Eq. 11. Detailed calculations below:
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Poggi, D., Maurine, P., Ordas, T., Sarafianos, A. (2021). Protecting Secure ICs Against Side-Channel Attacks by Identifying and Quantifying Potential EM and Leakage Hotspots at Simulation Stage. In: Bhasin, S., De Santis, F. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2021. Lecture Notes in Computer Science(), vol 12910. Springer, Cham. https://doi.org/10.1007/978-3-030-89915-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-89915-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-89914-1
Online ISBN: 978-3-030-89915-8
eBook Packages: Computer ScienceComputer Science (R0)