Abstract
Simulation is a very powerful tool for hardware designers. It generally allows the preliminary evaluation of a chip’s performance before its final tape out. As security against side-channel attacks is an increasingly important issue for cryptographic devices, simulation also becomes a desirable option for preliminary evaluation in this case. However, its relevance highly depends on the proper modeling of all the attack peculiarities. For example, several works in the literature directly exploit SPICE-like simulations without considering measurement peripherals. But the outcome of such analyses may be questionable, as witnessed by the recent results of Renauld et al. at CHES 2011, which showed how far the power traces of an AES S-box implemented using a dynamic and differential logic style fabricated in 65nm CMOS can lie from their post-layout simulations. One important difference was found in the linear dependencies between the (simulated and actual) traces and the S-box input/output bits. While simulations exhibited highly non-linear traces, actual measurements were much more linear. As linearity is a crucial parameter for the application of non-profiled side-channel attacks (which are only possible under the assumption of “sufficiently linear leakages”), this observation motivated us to study the reasons of such differences. Consequently, this work discusses the relevance of simulation in security evaluations, and highlights its dependency on the proper modeling of measurement setups. For this purpose, we present a generic approach to build an adequate model to represent measurement artifacts, based upon real data from equipment providers for our AES S-box case study. Next, we illustrate the transformation of simulated leakages, from highly non-linear to reasonably linear, exploiting our model and regression-based side-channel analysis. While improving the relevance of simulations in security evaluations, our results also raise doubts regarding the possibility to design dual-rail implementations with highly non-linear leakages.
Similar content being viewed by others
Notes
The noise-freeness naturally depends on the sampling, but in view of our low-noise measurements, we were able to extract well estimated means in our experiments.
Gaussian noise is added to the simulated traces in a post processing step assuming the noise-free simulated traces to provide the means of our leakages.
Strictly speaking, there are \(256^2\) transitions that could be considered. To reduce the cost of our analysis, we only considered transitions between 0 and a value between 0 and 255. From past experiments, we do not expect this restriction to have a strong impact on our conclusions, in particular for the part related to the leakages linearity.
References
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Cryptographic Hardware and Embedded Systems—CHES 2004: 6th International Workshop Cambridge, MA, USA, August 11–13, 2004. Proceedings, Lecture Notes in Computer Science, vol. 3156, pp. 16–29. Springer (2004). doi:10.1007/978-3-540-28632-5_2
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Proceedings of Cryptographic Hardware and Embedded Systems, CHES, pp. 13–28 (2002)
Giga Test Labs: ARIES Electronics 64 Pin QFP (0.55 mm) Test Socket, Electrical Characterisation 0.05–3.05 GHz. Characterisation report (1997)
Hassoune, I., Macé, F., Flandre, D., Legat, J.D.: Dynamic differential self-timed logic families for robust and low-power security ICs. Integration 40(3), 355–364 (2007)
Iokibe, K., Amano, T., Okamoto, K., Toyota, Y.: Equivalent circuit modeling of cryptographic integrated circuit for information security design. Electromagn. Compat. IEEE Trans. 55(3), 581–588 (2013). doi:10.1109/TEMC.2013.2250505
Iokibe, K., Higashi, R., Tsuda, T., Ichikawa, K., Nakamura, K., Toyota, Y., Koga, R.: Modeling of microcontroller with multiple power supply pins for conducted emi simulations. In: Advanced Packaging and Systems Symposium, 2008. EDAPS 2008. Electrical Design of, pp. 135–138 (2008). doi:10.1109/EDAPS.2008.4736018
Kamel, D., Renauld, M., Bol, D., Standaert, F.X., Flandre, D.: Analysis of dynamic differential swing limited logic for low-power secure applications. J. Low Power Electron. Appl. 1(2), 98–126 (2012). url:http://www.mdpi.com/2079-9268/2/1/98/
Li, H., Markettos, A., Moore, S.: Security evaluation against electromagnetic analysis at design time. In: Rao, J., Sunar, B. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2005, Lecture Notes in Computer Science, pp. 280–292. Springer, Berlin (2005)
Macé, F., Standaert, F.X., Quisquater, J.J.: Information theoretic evaluation of side-channel resistant logic styles. In: Paillier, P., Verbauwhede, I. (eds.) CHES, Lecture Notes in Computer Science, pp. 427–442. Springer, Berlin (2007)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks—Revealing the Secrets of Smart Cards. Springer, Berlin (2007)
Mangard, S., Popp, T., Gammel, B.M.: Side-channel leakage of masked CMOS gates. In: Menezes, A. (ed.) CT-RSA, Lecture Notes in Computer Science, pp. 351–365. Springer, Berlin (2005)
Nakamura, K.: EMC macro-model (LECCS-core) for multiple power-supply pin LSI. In: Proceeding of the EMC’04, Sendai, June (2004). url:http://ci.nii.ac.jp/naid/10018460119/en/
Regazzoni, F., Cevrero, A., Standaert, F.X., Badel, S., Kluter, T., Brisk, P., Leblebici, Y., Lenne, P.: A design flow and evaluation framework for DPA-Resistant instruction set extensions. In: Clavier, C., Gaj, K. (eds.) CHES, Lecture Notes in Computer Science, pp. 205–219. Springer, Berlin (2009)
Regazzoni, F., Eisenbarth, T., Poschmann, A., Großschädl, J., Gürkaynak, F.K., Macchetti, M., Deniz, Z.T., Pozzi, L., Paar, C., Leblebici, Y., Ienne, P.: Evaluating resistance of mcml technology to power analysis attacks using a simulation-based methodology. Trans. Comput. Sci. 4, 230–243 (2009)
Renauld, M., Kamel, D., Standaert, F.X., Flandre, D.: Information theoretic and security analysis of a 65-nanometer DDSLL AES S-Box. In: Proceedings of Cryptographic Hardware and Embedded Systems, CHES, pp. 223–239 (2011)
Renauld, M., Standaert, F.X., Veyrat-Charvillon, N., Kamel, D., Flandre, D.: A formal study of power variability issues and side-channel attacks for nanoscale devices. In: EUROCRYPT, pp. 109–128 (2011)
Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Proceedings of Cryptographic Hardware and Embedded Systems, CHES, Springer, LNCS 3659, pp. 30–46. Springer, Berlin (2005)
Standaert, F.X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques, EUROCRYPT, pp. 443–461. Springer, Berlin (2009). doi:10.1007/978-3-642-01001-9_26
Texas instruments: AN-1205 electrical performance of packages. Application report (2004).
Tiri, K., Verbauwhede, I.: Simulation models for side-channel information leaks. In: Jr. Joyner, W.H., Martin, G., Kahng, A.B. (eds.) DAC, pp. 228–233. ACM, USA (2005)
Tiri, K., Verbauwhede, I.: A digital design flow for secure integrated circuits. IEEE Trans. CAD Integr. Circuits Syst. 25(7), 1197–1208 (2006)
Veyrat-Charvillon, N., cois Xavier Standaert, F.: Generic side- channel distinguishers: Improvements and limitations. In: Advances in Cryptology—CRYPTO 2011–31st Annual Cryptology Conference, Lecture Notes in Computer Science, vol. 6841, p. 348. Springer, Berlin (2011)
Whitnall, C., Oswald, E., Standaert, F.X.: The myth of generic DPA... and the magic of learning. Cryptology ePrint Archive, Report 2012/256 (2012). url:http://eprint.iacr.org/
Acknowledgments
This work has been funded in parts by the European Commission through the ERC project 280141 (acronym CRASH), the European ISEC action Grant HOME/2010/ISEC/AG/INT-011 B-CCENTRE project, and the Walloon region WIST program project MIPSs. F.-X. Standaert is an associate researcher of the Belgian Fund for Scientific Research (FNRS-F.R.S.).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kamel, D., Renauld, M., Flandre, D. et al. Understanding the limitations and improving the relevance of SPICE simulations in side-channel security evaluations. J Cryptogr Eng 4, 187–195 (2014). https://doi.org/10.1007/s13389-014-0080-z
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13389-014-0080-z