System side-channel leakage emulation for HW/SW security coverification of MPSoCs

In recent years, a tremendous number of embedded systems have been introduced into every household. Such systems can be found not only in non-critical applications like entertainment devices but also in safety- or security-critical implementations like smart cards. The increasing complexity has led to the introduction of several different co-design techniques that enable the parallel design of a system's hardware and software. For security evaluation procedures in particular, this may raise a problem of trust between the manufacturers of the hardware and the software if they are different entities. To bridge these two worlds, simulation- and emulation-based approaches have been shown in literature and industry to provide abstracted information about fault-attack effects to the software developer. However, no fast and cost-effective approach is available to provide a metric of how much of a given secret is leaking from the device to its environment. Therefore, this paper proposes such a metric and an emulation-based methodology to enable an early estimation of side-channel leakage to a possible adversary. The effectiveness of our approach is shown using a commonly available system-on-chip implementation, with an open-source standard-cell library for characterization and an FPGA-based emulation platform for demonstration.
