부산대학교 도서관

In modern computing platforms, power monitors (PwrMons) are employed to deliver online power estimates to support different runtime power-performance optimization methodologies. However, the possibility of setting up a successful side-channel attack by analyzing the power estimates imposes the use of a suitable and systematic approach in the design of such PwrMons. This article proposes a design methodology to automatically identify and implement side-channel-resistant PwrMons at the hardware level, for generic computing platforms. The methodology works by designing a PwrMon for which the switching activity of the signals used to compute the power estimates is not a function of both the secret key and the plaintext/ciphertext values processed by the computing platform. According to the most recent standardized methodologies to assess the side-channel security, our experimental validation leverages both correlation power analysis and $t$ -test analysis considering a general purpose System on Chip executing different cryptographic primitives and an application-specific accelerator implementing the AES-128 algorithm. Our results confirm the impossibility of retrieving the secret key from the power estimates provided by our side-channel-resistant PwrMon. Considering several temporal resolutions, we highlight an accuracy error of the power estimates limited to less than 2.7%, as well as an average area and power overheads for the protected PwrMons lower than 6% and 5%, respectively. To this end, the proposed methodology is able to deliver a side-channel-resistant PwrMon within state-of-the-art accuracy error and overheads.