RTL-PSC: Automated Power Side-Channel Leakage Assessment at Register-Transfer Level

He, Miao; Park, Jungmin; Nahiyan, Adib; Vassilev, Apostol; Jin, Yier; Tehranipoor, Mohammad

doi:10.1109/vts.2019.8758600

Cited by 35 publications

(4 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Power-based SCA exploits the vulnerability that different inputs to a cryptographic system will produce different power consumption patterns. The Test Vector Leakage Assessment (TVLA) methodology, demonstrated in [22], [25], is used to verify whether this vulnerability exists in the IMC implementation also or not by analyzing side-channel leakage statistics. So, if different inputs to the system always result in a similar power consumption pattern on average, there is nothing for an attacker to exploit.…”

Section: A Power Side Channel Leakage Assessment Methodologymentioning

confidence: 99%

ChaCha20-in-Memory for Side-Channel Resistance in IoT Edge-Node Devices

Aamir

Sharma

Grover

2021

IEEE Open J. Circuits Syst.

View full text Add to dashboard Cite

IoT edge devices process the data collected, which can contain sensitive information related to the user. It is crucial to incorporate robust encryption algorithms considering the resource and power budget of these devices. In this paper, we present a power-based SCA-resistant implementation of the ChaCha20 encryption algorithm for low-end devices by utilizing memory arrays. The 10T SRAM-based implementation performs simple operations (like NAND, NOR, XOR) on the bitlines and other operations like addition/subtraction, shifting, rotation on custom-designed in-memory elements tightly coupled to sense amplifiers (SA). The design is verified for multiple test vectors to generate power consumption signatures. Welch's t-test is performed on these signatures to demonstrate that the design is highly resistant to powerbased SCA. The proposed implementation of ChaCha20 runs at 250MHz at a 1.2V supply, in 65nm Low Standby Power (LSTP) technology, achieving a speedup of around 7 times in terms of execution time compared to the ARM Cortex A9 processor.

show abstract

Section: A Power Side Channel Leakage Assessment Methodologymentioning

confidence: 99%

ChaCha20-in-Memory for Side-Channel Resistance in IoT Edge-Node Devices

Aamir

Sharma

Grover

2021

IEEE Open J. Circuits Syst.

View full text Add to dashboard Cite

show abstract

“…The Kullback-Leibler test does not assume normality of the data, although it does have its own assumptions on the support of the data. This application of statistical testing is with regard to Register-Transfer Level (RTL) leakage exploitation-based attacks [18][19][20]. On the contrary, this work primarily focuses on leakage detection, leading to the exploration of alternate statistical methods.…”

Section: Related Workmentioning

confidence: 99%

Challenging Assumptions of Normality in AES s-Box Configurations under Side-Channel Analysis

Carper,

Olguin,

Brown

et al. 2023

JCP

View full text Add to dashboard Cite

Power-based Side-Channel Analysis (SCA) began with visual-based examinations and has progressed to utilize data-driven statistical analysis. Two distinct classifications of these methods have emerged over the years; those focused on leakage exploitation and those dedicated to leakage detection. This work primarily focuses on a leakage detection-based schema that utilizes Welch’s t-test, known as Test Vector Leakage Assessment (TVLA). Both classes of methods process collected data using statistical frameworks that result in the successful exfiltration of information via SCA. Often, statistical testing used during analysis requires the assumption that collected power consumption data originates from a normal distribution. To date, this assumption has remained largely uncontested. This work seeks to demonstrate that while past studies have assumed the normality of collected power traces, this assumption should be properly evaluated. In order to evaluate this assumption, an implementation of Tiny-AES-c with nine unique substitution-box (s-box) configurations is conducted using TVLA to guide experimental design. By leveraging the complexity of the AES algorithm, a sufficiently diverse and complex dataset was developed. Under this dataset, statistical tests for normality such as the Shapiro-Wilk test and the Kolmogorov-Smirnov test provide significant evidence to reject the null hypothesis that the power consumption data is normally distributed. To address this observation, existing non-parametric equivalents such as the Wilcoxon Signed-Rank Test and the Kruskal-Wallis Test are discussed in relation to currently used parametric tests such as Welch’s t-test.

show abstract

“…The main drawback for ACA and PARAM is that they are closed-source projects, and while CASCADE claims to be open source it relies on commercial EDA tools such as PrimeTime by Synopsys. RTL-PSC [He+19] is a tool similar in functionality, however it only requires the RTL specification of the circuit. This system also relies on proprietary software, in particular VCS by Synopsys.…”

Section: State Of the Artmentioning

confidence: 99%

Emulating Side Channel Attacks on gem5: lessons learned

Bossuet

Grosso

Lara-Nino

2023

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

Side channel attacks (SCA) have the potential of disrupting the trust of the users on computing platforms and cryptographic algorithms. The main challenge in the design of countermeasures against such threats is that an evaluation of their effectiveness can only be performed after they have been implemented. By that point, significant resources would have been invested in the creation of a prototype. Moreover, the large volume of combinations from all the potential target algorithms and computing systems complicates a systematical analysis. It is necessary to find strategies to simplify and systematize the study of SCAs and their countermeasures. gem5 is a cycle-accurate simulator which offers the possibility to emulate a broad range of computing architectures. Beyond the functional verification, this tool computes multiple physical statistics from the simulated system. In this paper, we discuss the lessons learned from using gem5 to simulate SCAs on an ARM system. Our work shows that while there is a correlation between the data and the reported statistics, there are significant challenges that must be addressed to improve the use of gem5 for the emulation of physical phenomena.

show abstract

RTL-PSC: Automated Power Side-Channel Leakage Assessment at Register-Transfer Level

Cited by 35 publications

References 21 publications

ChaCha20-in-Memory for Side-Channel Resistance in IoT Edge-Node Devices

ChaCha20-in-Memory for Side-Channel Resistance in IoT Edge-Node Devices

Challenging Assumptions of Normality in AES s-Box Configurations under Side-Channel Analysis

Emulating Side Channel Attacks on gem5: lessons learned

Contact Info

Product

Resources

About