Protecting Secure ICs Against Side-Channel Attacks by Identifying and Quantifying Potential EM and Leakage Hotspots at Simulation Stage
Abstract
For many years, EM Side-Channel Attacks, which exploit the statistical link between the magnetic field radiated by secure ICs and the data they process, have been a critical threat. Indeed, attackers need to find only one hotspot (a position of the EM probe over the IC surface) where there is an exploitable leakage to compromise the security of the IC and its data. As a result, designing secure ICs that are robust against these attacks is incredibly difficult, because designers must ensure there is no exploitable hotspot over the whole IC surface. This task is all the more difficult as there is no CAD tool to compute the magnetic field radiated by ICs, and hence no methodology to detect hotspots at the design stages. In addition, simulations are noise-free, which makes correlation maps useless for identifying potential hotspots. Within this context, this paper introduces a flow for predicting the EM radiations of ICs, as well as two different methodologies to disclose the coordinates of an IC where an attacker can break the security. The first one aims at identifying and quantifying the potential risks of EM hotspots at the surface of ICs, i.e. positions where an EM probe can be placed to capture a leakage. The second aims at locating leakage hotspots in ICs, i.e. the areas in circuits from which these leakages originate.