” Unique CAD-compatible SCA-security mechanisms, externally amplified coupling (EAC) attacks and (some) connection” by Itamar LEVI (Bar-Ilan University (BIU))
Date : 25 june 2021 – 10:00
Answering secure electronic systems challenges, hardware-security mindset is pacing and shaping current and future cryptographic-standards and certification standards. The main hurdle relates to communication and energy cost. Security mechanisms span various abstractions, from protocols and algorithms, through efficient co-hardware and software implementations of secure hardware, and down to hardware roots-of-trust. So called side channel attacks (SCA) span direct device access attacks, e.g. on IoTs or future BIO-Chips, through network and protocol-level attacks such as information exfiltration on complex SOCs and network devices. The sources of information leakage and extraction/exfiltration methods constantly expand.
In this seminar I will first discuss unique computer aided design (CAD) compatible SCA security mechanisms. I will present an approach which can significantly increase the physical security-level of a design, be implemented with conventional design-tools and which does not require any special technological-support. The method consists with a correct by-design utilization of power-management libraries and tools; it embeds special and ultra low-cost randomization mechanisms in a local fashion into the RTL of a design. Therefore, making it mature and easy to master by any backend/frontend digital designer. This method is ideally suited for high security levels when used as a building block to reduce the SNR and amplify the noise in the leakage with mathematical solutions (e.g. masking). Theoretically, a limitation of the construction as a stand-alone is security-energy scaling, i.e. for very high security levels its energy cost is exponential. I will present a glimpse of our current work answering this challenge with an alternative construction which provide linear cost.
In the second part of the talk, I will discuss the threat of externally amplified coupling (EAC) attacks. A type of attack which is very dangerous for masked designs as it merges shares leakage which are otherwise supposed to be independent (weather hardware or software). I will review some of our work on the topic and will discuss the scalability of EAC attacks to high order masking designs, its dominance as compared to inherent (intra device) coupling and I will show some results from current experimentation with a dedicated ASIC test bad. Interestingly, the first and second part of the talk share a link which will be discussed.