On the Practicality of Relying on Simulations in Different Abstraction Levels for Pre-silicon Side-Channel Analysis

Javad Bahrami; Mohammad Ebrahimabadi; Sofiane Takarabt; Jean-luc Danger; Sylvain Guilley; Sylvain Guilley; Naghmeh Karimi

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

On the Practicality of Relying on Simulations in Different Abstraction Levels for Pre-silicon Side-Channel Analysis

Topics: Applied Cryptography; Data Protection; Network Security; Security and Privacy in Complex Systems; Security Engineering; Security Protocols

In Proceedings of the 19th International Conference on Security and Cryptography SECRYPT - Volume 1, 661-668, 2022 , Lisbon, Portugal

Authors: Javad Bahrami ¹ ; Mohammad Ebrahimabadi ¹ ; Sofiane Takarabt ² ; Jean-luc Danger ³ ; Sylvain Guilley ^{3

;

2} and Naghmeh Karimi ¹

Affiliations: ¹ University of Maryland Baltimore County, Baltimore, 21250, U.S.A. ; ² Secure-IC S.A.S., Think Ahead Business Line, Paris, France ; ³ LTCI, Télécom Paris, Institut Polytechnique de Paris, Paris, France

Keyword(s): Side-channel Attacks, Pre-silicon Evaluation, Toggle Count, SPICE Simulation, Masked Implementations.

Abstract: Cryptographic chips are prone to side-channel analysis attacks aiming at extracting their secrets. Side-channel leakage is particularly hard to remove completely, unless using a bottom-up approach (compositional security). On the contrary, industrial secure-by-design methods are rather relying on a top-down approach: (would-be) protected circuits are synthesized by Electronic Design Automation (EDA) tools. Tracking that no leakage exists at any refinement stage is therefore a challenge. Experience has shown that multiple leakages can resurge out of the blue when a sound RTL design is turned into a technology-mapped netlist. Checking for leaks and identifying them is a challenge. When the netlist is unstructured (e.g., it results from an EDA tool), dynamic checking appears as the most straightforward approach. It is feasible, given only a few thousand execution traces, to decide with a great certainty whether a leakage hides at some time samples within the trace or not. In pr actice, such easy detection is fostered by the fact that the activity of signals in cryptographic implementations (even more true for masked implementations) is almost maximal (=50%). The remaining question is about the adequate abstraction level of the simulation. The higher as possible abstractions are preferred, as they potentially capture more situations. However, if the simulation is too abstract, it may model the reality inappropriately. In this paper, we explore whether or not an evenemential simulation (toggle count) is faithful with respect to a low-level simulation (at SPICE level). Our results show that both abstraction levels match qualitatively for unprotected implementations. However, abstract toggle count simulations are no longer connected to real SPICE simulations in masked implementations. The reason is that the effect of the random mask is to mix evenemential simulations (which only reflect “approximately” the SPICE reality) together, in such a way that the useful information is lost. Therefore, masked logic netlist implementations shall be analysed only at SPICE level. (More)

Cryptographic chips are prone to side-channel analysis attacks aiming at extracting their secrets. Side-channel
leakage is particularly hard to remove completely, unless using a bottom-up approach (compositional security).
On the contrary, industrial secure-by-design methods are rather relying on a top-down approach: (would-be)
protected circuits are synthesized by Electronic Design Automation (EDA) tools. Tracking that no leakage exists
at any refinement stage is therefore a challenge. Experience has shown that multiple leakages can resurge
out of the blue when a sound RTL design is turned into a technology-mapped netlist.
Checking for leaks and identifying them is a challenge. When the netlist is unstructured (e.g., it results from
an EDA tool), dynamic checking appears as the most straightforward approach. It is feasible, given only a
few thousand execution traces, to decide with a great certainty whether a leakage hides at some time samples
within the trace or not. In practice, such easy detection is fostered by the fact that the activity of signals in
cryptographic implementations (even more true for masked implementations) is almost maximal (=50%).
The remaining question is about the adequate abstraction level of the simulation. The higher as possible abstractions
are preferred, as they potentially capture more situations. However, if the simulation is too abstract,
it may model the reality inappropriately. In this paper, we explore whether or not an evenemential simulation
(toggle count) is faithful with respect to a low-level simulation (at SPICE level). Our results show that
both abstraction levels match qualitatively for unprotected implementations. However, abstract toggle count
simulations are no longer connected to real SPICE simulations in masked implementations. The reason is
that the effect of the random mask is to mix evenemential simulations (which only reflect “approximately”
the SPICE reality) together, in such a way that the useful information is lost. Therefore, masked logic netlist
implementations shall be analysed only at SPICE level.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.223.239.250

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Bahrami, J.; Ebrahimabadi, M.; Takarabt, S.; Danger, J.; Guilley, S. and Karimi, N. (2022). On the Practicality of Relying on Simulations in Different Abstraction Levels for Pre-silicon Side-Channel Analysis. In Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-590-6; ISSN 2184-7711, SciTePress, pages 661-668. DOI: 10.5220/0011307600003283

@conference{secrypt22,
author={Javad Bahrami. and Mohammad Ebrahimabadi. and Sofiane Takarabt. and Jean{-}luc Danger. and Sylvain Guilley. and Naghmeh Karimi.},
title={On the Practicality of Relying on Simulations in Different Abstraction Levels for Pre-silicon Side-Channel Analysis},
booktitle={Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT},
year={2022},
pages={661-668},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011307600003283},
isbn={978-989-758-590-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT
TI - On the Practicality of Relying on Simulations in Different Abstraction Levels for Pre-silicon Side-Channel Analysis
SN - 978-989-758-590-6
IS - 2184-7711
AU - Bahrami, J.
AU - Ebrahimabadi, M.
AU - Takarabt, S.
AU - Danger, J.
AU - Guilley, S.
AU - Karimi, N.
PY - 2022
SP - 661
EP - 668
DO - 10.5220/0011307600003283
PB - SciTePress