Presenter Information

Nicole Fern is a Principal Security Analyst at Keysight Riscure Security Solutions where she performs post-silicon side-channel and fault injection testing, code and architecture reviews, and pentesting of embedded systems for customers. Before joining Riscure, she worked at Cycuity, doing pre-silicon security consulting. She has presented at many top conferences such as ICCAD, DATE, VTS, and ITC and has published articles in journals such as IEEE Design and Test. She has also contributed many entries to the Hardware Common Weakness Enumeration (CWE) Special Interest Group. She earned a PhD in Electrical and Computer Engineering from the University of California Santa Barbara.

Overview

Many applications require that chipsets demonstrate some degree of resistance to side- channel attacks. The primary goal of this tutorial is to educate attendees on side-channel attacks and illustrate the value in analyzing hardware designs for side-channel leakage pre- silicon.

For this tutorial, we do not require the attendees to have prior experience or knowledge of side-channel attacks. The session will provide a primer on side-channel theory, covering two important concepts: correlation power analysis and t-testing. We will briefly touch upon post-silicon side-channel testing, showing a live demo of a power side-channel attack in action.

After the side-channel primer, the focus will shift to pre-silicon, motivating the value of performing side-channel analysis on pre-silicon simulation data at various stages in the design process.

We will show how simulation data produced by standard EDA tools can be analyzed to detect and root cause side-channel leakage before tape-out. This approach provides hardware designers with actionable feedback earlier in the design process, ultimately making it more efficient and cost effective to protect designs against side-channel attacks. Results from analyzing an AES core with countermeasures both pre- and post-synthesis will be presented along with a discussion on challenges and strategies for extending the approach to analyze larger designs such as those used in post-quantum cryptography.

Prerequisites and Required Materials

• N/A - Just Caffeine :)