RAESCY: A power side channel assessment framework for pre and post-silicon evaluation

Abstract

Demand for smart, Internet-connected devices and other electronics has increased dramatically in recent years. This increase in demand for technological devices, driven by advancements in Artificial Intelligence (AI), the Internet of Things (IoT), and autonomous systems, has exposed the digital system to potential security threats. As more devices access personal data, data protection and security have become increasingly challenging. The rise in security incidents, such as the MOVEit attack and the NeBu data breach, highlights the urgency for better security systems. Malicious attacks can manifest at different levels, ranging from the network and system to the circuit level. Power side-channel attacks, which exploit variations in power consumption to obtain sensitive information, have proven effective against modern cryptographic implementations. In response to the threats posed by such attacks, researchers have diligently focused on devising countermeasures. Current research efforts focus on developing these countermeasures, yet evaluation only happens in pre-silicon scenarios in simulation or on an FPGA. Evaluating the effectiveness of those countermeasures on real Systems on Chips (SoCs) is challenging.

The thesis introduces a novel framework to bridge the gap between pre and post-silicon power side channel assessment, allowing accurate characterization and comparison of cryptographic designs before and after manufacturing. This approach aims to provide comprehensive profiling and ensure the security of future cryptographic designs. The suggested platform was verified by employing a series of different versions of the Advanced Encryption Standard (AES) algorithm that were integrated into a full System on Chip (SoC). As a metric for determining whether or not the proposed platform is suitable, attacability is being measured via correlation power analysis (CPA). Pre-silicon enables the evaluation of each AES core in isolation from the other components of the system, hence having noise-free power traces. However, in post-silicon, in order to provide a correct analysis, the platform incorporates a wide variety of features, such as automation execution, trace alignment, and noise reduction of power traces. In order to improve the automated execution process, a Left Feedback Shift Register (LFSR) has been devised to introduce a level of randomness in the encrypted messages and keys used by the cryptographic engine. In the context of trace alignment, the platform has been specifically built to include a trigger signal that serves the purpose of identifying the start/stop of the execution. Clock-gating is used as a means of mitigating noise by freezing the operation of additional cores, hence preventing the generation of extraneous auditory disturbances. In addition, the suggested approach is specifically tailored for the manufacturing process using the 40nm TSMC technology, including a simulation evaluation. Finally, to facilitate power measurements on the platform, custom printed circuit boards(PCB's) and a software backend were designed to support real life measurements and the final correlation of the pre and post-silicon power side channel behaviour. The results of our study suggest that both Pre-silicon (i.e., standalone evaluation) and Post-silicon (i.e., system evaluation) provide similar levels of accuracy in assessing attackability.