• sca countermeasure
• hardware
• side-channel
• side-channel attack
• aes
• validation environment

In the recent years the number of interconnected devices involved in our life is rapidly growing. The internet of Things industry is leading this expansion and it has been estimated that the number of IoT connected devices in the world will exceed 30 billion by 2020. A very concerning problem is that such huge amount of devices is offering even more attack surface to hackers and cybersecurity threats. For instance, the recent 2016-Dyn and 2018-GitHub attacks, where tens of thousands smart systems have been infected and exploited to set up gigantic Distributed Denial of Service (DDoS) attacks. For this reason, the digital electronic industry is focusing towards the research of security solutions to protect all the new systems being launched on the market.

One of the bigger cybersecurity concerns, highlighted by many reports, is the access to private data by unauthorized entities. The development of secure protocols to avoid this process from being applied on both local and shared data is entrusted to cryptography. Although the most worldwide diffused cryptographic primitive, such Advanced Encryption Standard, hash functions and Elliptical Curve Cryptography (ECC) schemes offer an appropriate security level by a mathematical point of view, it has been demonstrated that they are vulnerable to threats that exploit unintentional sources of information gathered from real physical implementations. These threats are denoted as "Side-Channel Attacks (SCA)".

This thesis aims at developing a software environment to explore and validate the SCA resistance for hardware implementations of the AES: the most diffused cryptographic algorithm in the world. The reason why AES has been chosen specifically in its hardware forms is that they are fundamental to obtain the very high throughputs required by modern systems that software versions can't achieve. The presented environment covers all the steps needed to ensure that a system is not revealing any information through a first order power consumption side-channel: i.e. the data acquisition phase, the statistical data analysis step and the validation phase. The suite is designed to perform an early evaluation of resistance mechanisms against Power Analysis (PA), using only simulative software available to any digital design engineer (e.g. Questasim). The statistical analysis phase performs the most known attacks such Differential Power Analysis (DPA) and Correlation Power Analysis (CPA), while the validation step implements the state-of-art Test Vector Leakage Assessment (TVLA) provided by NIST (National Institute of Standards and Technology).

Furthermore two countermeasures towards a SCA resistant module have been conceived, designed and implemented, starting from an unprotected AES core IP. At first instance the unprotected module has been tested with the proposed SCA validation environment: the procedure showed that the cipher-key and all the secret data can be hacked in less than a minute, highlighting the effectiveness of Side-Channel Attacks as a real threat for mathematically proven cryptosystems. The first of the two developed solutions uses a True Random Generators (TRNG) and Digital Ring Oscillators (DROs) to decrease the Signal-to-Noise Ratio of the side-channel, i.e. the instant power consumption. Such countermeasure showed a 10^2 increased resistance with a minimal 6% area overhead and zero impact on throughput. The second countermeasures uses a combination of digital dual-rail precharge logic and masking techniques to ensure an uncorrelated power consumption to the data being computed: it is called LMDPL (LUT Masked Dual-Rail Precharge Logic). Such countermeasure showed an increased resistance by a 10^4 factor, but very high impact on both the area overhead (650% on FPGA and 300% on ASIC) and significant lower throughput (about 75%). Both the developed countermeasures are comparable in terms of SCA resistance to the state-of-art solutions.