AUTHORS:
T. Zhang, J. Park, M. Tehranipoor, and F. Farahmandi
Power side-channel attacks (SCAs) exploit leakage from cryptographic implementations to recover secrets in a non-invasive manner. Existing power side-channel assessment techniques mostly focus on post-silicon stages, suffering from the extremely low flexibility in changing designs to address identified leakages. In this paper, we propose a framework called PSC-TG which supports side-channel leakage assessment at the earliest stage of design cycle, i.e., RTL, allowing the maximum flexibility for countermeasure deployment. The assessment starts with RTL information flow tracking to identify the most sensitive variables according to pre-defined SCA-aware properties. Then, formal assertions are generated based on these variables and the presumed attack model to derive the corresponding test patterns. Next, the sidechannel vulnerability (SCV) metric is calculated using the estimated power with as low as two patterns to quantify the first-order sidechannel leakage. Besides, PSC-TG can give pass/fail indication for masked implementations at higher orders with t-test. We experimentally evaluate the leakage of multiple non-protected benchmarks at RTL, and validate with gate-level and FPGA results. Also, the t-test results of the masked Simon implementation are consistent with the post-silicon findings.
Read more: “PSC-TG: RTL Power Side-Channel Leakage Assessment with Test Pattern Generation” (2021)