Accelerating early design phase differential power analysis using power emulation techniques

Abstract

The personal banking and ID sector has seen a tremendous change in recent years, partially caused by the widespread introduction of smart-cards. Because of the extensive implications of a successful attack on these devices, a wide range of practical as well as purely academic attacks has been developed during the last years. These attacks have unveiled weaknesses in hardware as well as software implementations of several different, partially widely used cryptographic algorithms. An especially powerful method, the differential power analysis (DPA), extracts secret information from power consumption and electro-magnetic emission profiles. The efficiency of a DPA attack significantly depends on the quality of the cryptographic algorithm implementation. These traces currently can only be generated using real hardware or simulation-based approaches. Depending on the chosen simulation accuracy these evaluations result in time-consuming RTL and SPICE simulations often limiting the maximum amount of available execution traces. This paper introduces a novel high-speed methodology for early security evaluations of integrated processor systems using power emulation. First, the usage of power emulation hardware allows for the estimation of attack effort that an adversary will have to invest to gain secret information from an algorithm's execution profile. Second, countermeasures against differential power analysis attacks can be quickly evaluated in terms of effectiveness. The shown approach uses semi-automatic characterization techniques and fully synthesizable emulation hardware to reduce the designer's dependency on time-consuming simulation runs.