RTL-PSC: Automated Power Side-Channel Leakage Assessment at Register-Transfer Level
This addresses a critical security gap for hardware designers by enabling early-stage vulnerability assessment, though it is incremental as it builds on existing side-channel analysis methods.
The paper tackles the problem of assessing power side-channel leakage vulnerability in hardware crypto designs at the register-transfer level (RTL) by proposing an automated framework called RTL-PSC, which estimates power profiles and uses evaluation metrics like KL divergence and success rate, validated through gate-level simulation and FPGA results.
Power side-channel attacks (SCAs) have become a major concern to the security community due to their non-invasive feature, low-cost, and effectiveness in extracting secret information from hardware implementation of cryto algorithms. Therefore, it is imperative to evaluate if the hardware is vulnerable to SCAs during its design and validation stages. Currently, however, there is little-known effort in evaluating the vulnerability of a hardware to SCAs at early design stage. In this paper, we propose, for the first time, an automated framework, named RTL-PSC, for power side-channel leakage assessment of hardware crypto designs at register-transfer level (RTL) with built-in evaluation metrics. RTL-PSC first estimates power profile of a hardware design using functional simulation at RTL. Then it utilizes the evaluation metrics, comprising of KL divergence metric and the success rate (SR) metric based on maximum likelihood estimation to perform power side-channel leakage (PSC) vulnerability assessment at RTL. We analyze Galois-Field (GF) and Look-up Table (LUT) based AES designs using RTL-PSC and validate its effectiveness and accuracy through both gate-level simulation and FPGA results. RTL-PSC is also capable of identifying blocks inside the design that contribute the most to the PSC vulnerability which can be used for efficient countermeasure implementation.