Automatic On-Chip Clock Network Optimization for Electromagnetic Side-Channel Protection

Commercial electronic design automation (EDA) tools typically focus on optimizing the power, area, and speed of integrated circuits (ICs). They rarely consider hardware security requirements. As such, existing EDA tools often directly or indirectly introduce security vulnerabilities. These security vulnerabilities can later be exploited by attackers to leak information or compromise the hardware root-of-trust. In this paper, we show how traditional EDA tools optimize power, area and speed (PAS) metrics in cryptographic circuits at the cost of introducing vulnerabilities to side-channel analysis (SCA) attacks. To balance hardware security with traditional performance metrics, we propose an automatic tool, called CAD4EM-CLK, to secure ICs against power and electromagnetic (EM) SCA attacks. The tool optimizes clock networks for both traditional design requirements and security constraints. To achieve this goal, we first theoretically analyze and model the relationship between on-chip clock networks and side-channel security. The developed model will then guide the CAD4EM-CLK tool to adjust clock network structures to spread the leakage out temporally, also lower its amplitude proportion, so as to help reduce the leaked information. The proposed automatic tool is then validated on various cryptographic circuits. We use layout-level simulation to assess side-channel leakage and the experimental results prove the effectiveness of our proposed tool for power and EM side-channel protection.

[1]  R. H. J. M. Otten,et al.  The Annealing Algorithm , 1989 .

[2]  Aydin Aysu,et al.  MaskedNet: The First Hardware Inference Engine Aiming Power Side-Channel Protection , 2020, 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[3]  Ingrid Verbauwhede,et al.  A VLSI design flow for secure side-channel attack resistant ICs , 2005, Design, Automation and Test in Europe.

[4]  Shreyas Sen,et al.  SCNIFFER: Low-Cost, Automated, Efficient Electromagnetic Side-Channel Sniffing , 2019, IEEE Access.

[5]  Yue Xu,et al.  Flip-flop clustering by weighted K-means algorithm , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[6]  Amit Kumar,et al.  Efficient simulation of EM side-channel attack resilience , 2017, 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[7]  Oliver Stein,et al.  A Novel Design Flow for a Security-Driven Synthesis of Side-Channel Hardened Cryptographic Modules , 2017 .

[8]  V. Kamakoti,et al.  Karna: A Gate-Sizing based Security Aware EDA Flow for Improved Power Side-Channel Attack Protection , 2019, 2019 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[9]  Sanu Mathew,et al.  EM and Power SCA-Resilient AES-256 Through >350× Current-Domain Signature Attenuation and Local Lower Metal Routing , 2021, IEEE Journal of Solid-State Circuits.

[10]  Dabao Zhang,et al.  A Coefficient of Determination for Generalized Linear Models , 2017 .

[11]  Monodeep Kar,et al.  Improved Power/EM Side-Channel Attack Resistance of 128-Bit AES Engines With Random Fast Voltage Dithering , 2019, IEEE Journal of Solid-State Circuits.

[12]  Jean-Louis Lacoume,et al.  A Proposition for Correlation Power Analysis Enhancement , 2006, CHES.

[13]  T. Mizuki,et al.  Suppression of information leakage from electronic devices based on SNR , 2011, 2011 IEEE International Symposium on Electromagnetic Compatibility.

[14]  Ying-Yu Chen,et al.  Clock tree synthesis under aggressive buffer insertion , 2010, Design Automation Conference.

[15]  Haocheng Ma,et al.  CAD4EM-P: Security-Driven Placement Tools for Electromagnetic Side Channel Protection , 2019, 2019 Asian Hardware Oriented Security and Trust Symposium (AsianHOST).

[16]  Yier Jin,et al.  A Novel TIGFET-based DFF Design for Improved Resilience to Power Side-Channel Attacks , 2020, 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[17]  Amir Moradi,et al.  Leakage assessment methodology , 2016, Journal of Cryptographic Engineering.

[18]  Shreyas Sen,et al.  STELLAR: A Generic EM Side-Channel Attack Protection through Ground-Up Root-cause Analysis , 2019, 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[19]  Jeng-Liang Tsai,et al.  Zero skew clock-tree optimization with buffer insertion/sizing and wire sizing , 2004, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[20]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[21]  Yiorgos Makris,et al.  Hardware Trojan detection using path delay fingerprint , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[22]  Haocheng Ma,et al.  Design for EM Side-Channel Security through Quantitative Assessment of RTL Implementations , 2020, 2020 25th Asia and South Pacific Design Automation Conference (ASP-DAC).

[23]  David Novo,et al.  An EDA-friendly protection scheme against side-channel attacks , 2013, 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[24]  Ge Li,et al.  Securing AES against Localized EM Attacks through Spatial Randomization of Dataflow , 2019, 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[25]  Haocheng Ma,et al.  Security-Driven Placement and Routing Tools for Electromagnetic Side Channel Protection , 2020 .

[26]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[27]  Benedikt Heinz,et al.  Strengths and Limitations of High-Resolution Electromagnetic Field Measurements for Side-Channel Analysis , 2012, CARDIS.

[28]  Sylvain Guilley,et al.  Secured CAD Back-End Flow for Power-Analysis-Resistant Cryptoprocessors , 2007, IEEE Design & Test of Computers.

[29]  Yu Zheng,et al.  Role of power grid in side channel attack and power-grid-aware secure design , 2013, 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC).

[30]  Sachin S. Sapatnekar,et al.  Handbook of Algorithms for Physical Design Automation , 2008 .

[31]  Debdeep Mukhopadhyay,et al.  From theory to practice of private circuit: A cautionary note , 2015, 2015 33rd IEEE International Conference on Computer Design (ICCD).

[32]  Sanu Mathew,et al.  Blindsight: Blinding EM Side-Channel Leakage using Built-In Fully Integrated Inductive Voltage Regulator , 2018, ArXiv.

[33]  Raminderpal Singh OnChip Inductance Modeling and Analysis , 2002 .

[34]  Christof Paar,et al.  A Hardware-Based Countermeasure to Reduce Side-Channel Leakage: Design, Implementation, and Evaluation , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[35]  Baris Taskin,et al.  Low Voltage Clock Tree Synthesis with Local Gate Clusters , 2019, ACM Great Lakes Symposium on VLSI.

[36]  R. Master,et al.  Modeling of power supply noise in large chips using the circuit-based finite-difference time-domain method , 2005, IEEE Transactions on Electromagnetic Compatibility.

[37]  P. Rohatgi,et al.  Test Vector Leakage Assessment ( TVLA ) methodology in practice , 2013 .

[38]  Bart Preneel,et al.  Mutual Information Analysis , 2008, CHES.

[39]  Israel Koren,et al.  Countermeasures against EM analysis for a secured FPGA-based AES implementation , 2013, 2013 International Conference on Reconfigurable Computing and FPGAs (ReConFig).

[40]  Yici Cai,et al.  Electromagnetic Equalizer: An Active Countermeasure Against EM Side-channel Attack , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[41]  Yuan Yao,et al.  Architecture Correlation Analysis (ACA): Identifying the Source of Side-channel Leakage at Gate-level , 2020, 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[42]  Baris Taskin,et al.  SLECTS: Slew-Driven Clock Tree Synthesis , 2019, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[43]  Fan Zhang,et al.  Fluctuating Power Logic: SCA Protection by $V_{DD}$ Randomization at the Cell-level , 2019, 2019 Asian Hardware Oriented Security and Trust Symposium (AsianHOST).

[44]  Rahul Bodduna,et al.  PARAM: A Microprocessor Hardened for Power Side-Channel Attack Resistance , 2020, 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).