Contributions à la sécurité des circuits intégrés face aux attaques par canaux auxiliaires / Contributions to the security of integrated circuits against side-channel attacks

Vaquié, Bruno

18 December 2012

Les attaques par canaux cachés telles que les attaques par analyse de la consommation sont une menace pour la sécurité des circuits intégrés. Elles exploitent les fuites physiques émises par les circuits lors des calculs cryptographiques pour récupérer les informations secrètes qu'ils contiennent. De nombreuses contremesures, notamment matérielles, ont donc été proposées par la communauté dans le but de protéger les crypto-systèmes contre ce type d'attaques. Malgré leur efficacité, leur inconvénient majeur est leur surcoût important en surface, vitesse et consommation. Cette thèse a pour objectif de proposer des contremesures avec un faible coût au niveau matériel visant à réduire ces fuites et offrant un bon compromis entre sécurité et surcoûts. Pour cela, nous identifions tout d'abord les principales sources de fuites d'un crypto-système intégrant une architecture matérielle itérative d'un algorithme symétrique. Puis nous proposons plusieurs contremesures, à faible coût matériel, qui visent à réduire ces fuites. Enfin, nous évaluerons la robustesse de nos solutions face aux attaques par canaux cachés. / Side channel attacks such as power analysis attacks are a threat to the security of integrated circuits.They exploit the physical leakage of circuits during the cryptographic computations to retrieve the secret informations they contain. Many countermeasures, including hardware, have been proposed by the community in order to protect cryptosystems against such attacks. Despite their effectiveness, their major drawback is their significant additional cost in area, speed and consumption. This thesis aims at proposing low cost countermeasures able to reduce the leaks and offering a good compromise between security and costs. First we identify the main sources of leakage of a cryptographic system that integrates an iterative hardware architecture of a symetric algorithm. Then we propose several low cost countermeasures, which aim at reducing this leakage. Finally, we evaluate the robustness of our solutions against side channel attacks.

Cryptographie

Attaques par canaux cachés

Contremesures matérielles

Registres sécurisés

Algorithme DES

Attaques DPA et CPA

Cryptography

Side Channel Attacks

Hardware countermeasure

Secure register

Des

DPA and CPA

Identificação das teclas digitadas a partir da vibração mecânica. / Identification of pressed keys from mechanical vibrations.

Gerson de Souza Faria

28 November 2012

Este trabalho descreve um ataque que detecta as teclas pressionadas em teclados mecânicos pela análise das vibrações geradas quando as mesmas são pressionadas. Dois equipamentos foram experimentados no ataque: um teclado genérico de automação comercial e um terminal de ponto de venda (POS / PIN-pad). Acelerômetros são utilizados como sensores de vibração. Propositalmente, o equipamento necessário para a execução do ataque é de baixíssimo custo, de modo a ressaltar o risco das vulnerabilidades encontradas. Obtivemos taxas de sucesso médio de 69% no reconhecimento das teclas pressionadas para o terminal PIN-pad em repouso e 75% para o mesmo sendo segurado na mão. No caso de teclado de automação comercial, as taxas médias de acerto ficaram em torno de 99%. / This work describes an attack that identifies the sequence of keystrokes analyzing mechanical vibrations generated by the act of pressing keys. We use accelerometers as vibration sensors. The apparatus necessary for this attack is inexpensive and can be unobtrusively embedded within the target equipment. We tested the proposed attack on an ATM keypad and a PIN-pad. We achieved the key recognition rates of 99% in ATM keypad, 69% in PIN-pad resting on a hard surface and 75% in PIN-pad hold in hand.

Acelerômetros

Arduino

Ataque a canais secundários

ATM

PIN-pad

Processamento de sinais

Segurança da informação

Teclados

Tempest

Accelerometers

Arduino

ATM

Information security

Keyboards

PIN-pad

Side channel attack

Signal processing

Tempest

Etude d'attaques matérielles et combinées sur les "System-on-chip" / Hardware and combined attacks on the "System-on-Chip"

Majéric, Fabien

30 November 2018

L'intérêt de la communauté de la sécurité numérique dans le domaine des Systems on Chip (SoC) s'est essentiellement focalisé sur les menaces logicielles, améliorant sans cesse le niveau de protection. Cependant, l'exploitation de ce vecteur d'attaque devenant de plus en plus difficile, il est fort probable que les attaques matérielles se multiplient. Par conséquent, il est primordial d'étudier ces dernières afin d'anticiper la menace qu'elles représentent. La sophistication de l'architecture et la rapidité d'évolution des technologies embarquées dans les SoC, justifient la mise en place d'une méthodologie adaptée pour évaluer efficacement leur niveau de sécurité. C'est dans ce contexte que cette thèse propose l'étude de cette catégorie d'attaques ainsi qu'un aperçu de leur impact sur la sécurité de ce type de systèmes. Alors que les architectures élaborées accroissent la difficulté de mise en place d'attaques physiques, elles augmentent également la surface d'attaque. Une première étude analyse les chemins d'attaques afin de déterminer les grandeurs physiques exploitables les plus pertinentes. Cette étape conduit, dans un deuxième temps, à l'élaboration de règles génériques pour l'évaluation sécuritaire des SoC présents sur le marché. Celles-ci combinent diverses techniques déjà utilisées dans le domaine de la carte à puce. L'ensemble de ce travail s'appuie sur plusieurs divers modules caractéristiques de la sécurité des SoC actuels. Tous les résultats soulignent que la complexité inhérente aux SoC n'est pas suffisante pour les protéger contre les attaques matérielles et l'implémentation des sécurités dans ces systèmes doit se faire sans se reposer sur cette propriété. / In the field of System on Chip (SoC), the digital security community has mainly focused on software threats; constantly working to improve the level of protection. Since the exploitation of this attack vector is becoming more and more difficult, it is most likely that the number of hardware attacks will increase. Therefore, it is essential to study these attacks in order to anticipate the threat they represent. The sophisticated architecture and the rapidly changing technologies embedded in the SoC justify the implementation of an adapted methodology, to effectively evaluate their level of security.In this context, this thesis examines the feasibility of this type of attacks and their impact on the security of these systems. While rich architectures increase the difficulty of setting up hardware attacks, they also increase the attack surface. Our study starts by analyzing the attack paths in order to determine the most relevant exploitable physical quantities. This has led to the development of a generic procedure for the security evaluation of SoCs on the market. This method combines various techniques that are already applied to smart cards. This entire work is based on several case studies related to various embedded modules characteristic of the security in current systems-on-chips. All the observed results lead to the same observations: the inherent complexity of SoCs is not sufficient to protect them against hardware attacks. The implementation of security in these systems must be done without relying on this property.

Attaques matérielles

System-on-Chip

Systèmes complexes embarqués

Sécurité de l'information

Débogage matériel

Electromagnétique

System-on-Chip

Side-channel

Fault Injection

Hardware attacks

Electromagnetic

Hardware debugging

Information security

Embedded complex systems

Side-Channel Analysis: Countermeasures and Application to Embedded Systems Debugging

Moreno, Carlos

January 2013

Side-Channel Analysis plays an important role in cryptology, as it represents an important class of attacks against cryptographic implementations, especially in the context of embedded systems such as hand-held mobile devices, smart cards, RFID tags, etc. These types of attacks bypass any intrinsic mathematical security of the cryptographic algorithm or protocol by exploiting observable side-effects of the execution of the cryptographic operation that may exhibit some relationship with the internal (secret) parameters in the device. Two of the main types of side-channel attacks are timing attacks or timing analysis, where the relationship between the execution time and secret parameters is exploited; and power analysis, which exploits the relationship between power consumption and the operations being executed by a processor as well as the data that these operations work with. For power analysis, two main types have been proposed: simple power analysis (SPA) which relies on direct observation on a single measurement, and differential power analysis (DPA), which uses multiple measurements combined with statistical processing to extract information from the small variations in power consumption correlated to the data. In this thesis, we propose several countermeasures to these types of attacks, with the main themes being timing analysis and SPA. In addition to these themes, one of our contributions expands upon the ideas behind SPA to present a constructive use of these techniques in the context of embedded systems debugging. In our first contribution, we present a countermeasure against timing attacks where an optimized form of idle-wait is proposed with the goal of making the observable decryption time constant for most operations while maintaining the overhead to a minimum. We show that not only we reduce the overhead in terms of execution speed, but also the computational cost of the countermeasure, which represents a considerable advantage in the context of devices relying on battery power, where reduced computations translates into lower power consumption and thus increased battery life. This is indeed one of the important themes for all of the contributions related to countermeasures to side- channel attacks. Our second and third contributions focus on power analysis; specifically, SPA. We address the issue of straightforward implementations of binary exponentiation algorithms (or scalar multiplication, in the context of elliptic curve cryptography) making a cryptographic system vulnerable to SPA. Solutions previously proposed introduce a considerable performance penalty. We propose a new method, namely Square-and-Buffered- Multiplications (SABM), that implements an SPA-resistant binary exponentiation exhibiting optimal execution time at the cost of a small amount of storage --- O(\sqrt(\ell)), where \ell is the bit length of the exponent. The technique is optimal in the sense that it adds SPA-resistance to an underlying binary exponentiation algorithm while introducing zero computational overhead. We then present several new SPA-resistant algorithms that result from a novel way of combining the SABM method with an alternative binary exponentiation algorithm where the exponent is split in two halves for simultaneous processing, showing that by combining the two techniques, we can make use of signed-digit representations of the exponent to further improve performance while maintaining SPA-resistance. We also discuss the possibility of our method being implemented in a way that a certain level of resistance against DPA may be obtained. In a related contribution, we extend these ideas used in SPA and propose a technique to non-intrusively monitor a device and trace program execution, with the intended application of assisting in the difficult task of debugging embedded systems at deployment or production stage, when standard debugging tools or auxiliary components to facilitate debugging are no longer enabled in the device. One of the important highlights of this contribution is the fact that the system works on a standard PC, capturing the power traces through the recording input of the sound card.

cryptography

embedded systems

embedded systems security

side-channel analysis

timing attacks

power analysis

spa-resistant implementations

embedded systems debugging

Electrical and Computer Engineering

Arithmetic recodings for ECC cryptoprocessors with protections against side-channel attacks

Chabrier, Thomas

18 June 2013

This PhD thesis focuses on the study, the hardware design, the theoretical and practical validation, and eventually the comparison of different arithmetic operators for cryptosystems based on elliptic curves (ECC). Provided solutions must be robust against some side-channel attacks, and efficient at a hardware level (execution speed and area). In the case of ECC, we want to protect the secret key, a large integer, used in the scalar multiplication. Our protection methods use representations of numbers, and behaviour of algorithms to make more difficult some attacks. For instance, we randomly change some representations of manipulated numbers while ensuring that computed values are correct. Redundant representations like signed-digit representation, the double- (DBNS) and multi-base number system (MBNS) have been studied. A proposed method provides an on-the-fly MBNS recoding which operates in parallel to curve-level operations and at very high speed. All recoding techniques have been theoretically validated, simulated extensively in software, and finally implemented in hardware (FPGA and ASIC). A side-channel attack called template attack is also carried out to evaluate the robustness of a cryptosystem using a redundant number representation. Eventually, a study is conducted at the hardware level to provide an ECC cryptosystem with a regular behaviour of computed operations during the scalar multiplication so as to protect against some side-channel attacks.

[INFO:INFO_OH] Computer Science/Other

[INFO:INFO_OH] Informatique/Autre

Elliptic curve

Cryptography

Attack by observation

Side channel attack

Arithmetic recoding

Protection

Counter measure

Fpga

Asic

Hardware implementation

Side-Channel Analysis: Countermeasures and Application to Embedded Systems Debugging

Moreno, Carlos

January 2013

Side-Channel Analysis plays an important role in cryptology, as it represents an important class of attacks against cryptographic implementations, especially in the context of embedded systems such as hand-held mobile devices, smart cards, RFID tags, etc. These types of attacks bypass any intrinsic mathematical security of the cryptographic algorithm or protocol by exploiting observable side-effects of the execution of the cryptographic operation that may exhibit some relationship with the internal (secret) parameters in the device. Two of the main types of side-channel attacks are timing attacks or timing analysis, where the relationship between the execution time and secret parameters is exploited; and power analysis, which exploits the relationship between power consumption and the operations being executed by a processor as well as the data that these operations work with. For power analysis, two main types have been proposed: simple power analysis (SPA) which relies on direct observation on a single measurement, and differential power analysis (DPA), which uses multiple measurements combined with statistical processing to extract information from the small variations in power consumption correlated to the data. In this thesis, we propose several countermeasures to these types of attacks, with the main themes being timing analysis and SPA. In addition to these themes, one of our contributions expands upon the ideas behind SPA to present a constructive use of these techniques in the context of embedded systems debugging. In our first contribution, we present a countermeasure against timing attacks where an optimized form of idle-wait is proposed with the goal of making the observable decryption time constant for most operations while maintaining the overhead to a minimum. We show that not only we reduce the overhead in terms of execution speed, but also the computational cost of the countermeasure, which represents a considerable advantage in the context of devices relying on battery power, where reduced computations translates into lower power consumption and thus increased battery life. This is indeed one of the important themes for all of the contributions related to countermeasures to side- channel attacks. Our second and third contributions focus on power analysis; specifically, SPA. We address the issue of straightforward implementations of binary exponentiation algorithms (or scalar multiplication, in the context of elliptic curve cryptography) making a cryptographic system vulnerable to SPA. Solutions previously proposed introduce a considerable performance penalty. We propose a new method, namely Square-and-Buffered- Multiplications (SABM), that implements an SPA-resistant binary exponentiation exhibiting optimal execution time at the cost of a small amount of storage --- O(\sqrt(\ell)), where \ell is the bit length of the exponent. The technique is optimal in the sense that it adds SPA-resistance to an underlying binary exponentiation algorithm while introducing zero computational overhead. We then present several new SPA-resistant algorithms that result from a novel way of combining the SABM method with an alternative binary exponentiation algorithm where the exponent is split in two halves for simultaneous processing, showing that by combining the two techniques, we can make use of signed-digit representations of the exponent to further improve performance while maintaining SPA-resistance. We also discuss the possibility of our method being implemented in a way that a certain level of resistance against DPA may be obtained. In a related contribution, we extend these ideas used in SPA and propose a technique to non-intrusively monitor a device and trace program execution, with the intended application of assisting in the difficult task of debugging embedded systems at deployment or production stage, when standard debugging tools or auxiliary components to facilitate debugging are no longer enabled in the device. One of the important highlights of this contribution is the fact that the system works on a standard PC, capturing the power traces through the recording input of the sound card.

cryptography

embedded systems

embedded systems security

side-channel analysis

timing attacks

power analysis

spa-resistant implementations

embedded systems debugging

Electrical and Computer Engineering

Etudes cryptographiques et statistiques de signaux compromettants / Cryptographic and statistical side channel analysis

Linge, Yanis

22 November 2013

Cette thèse porte sur les attaques par observations. Ces attaques étudient les variations d'émanation d'un composant pour retrouver une clé secrète. Ces émanations peuvent être multiples, par exemple, la consommation de courant électrique, le rayonnement électromagnétique, etc. Généralement, ces attaques font appel à des méthodes statistiques pour examiner la relation entre les émanations du composant et des modèles de consommation imaginés par l'attaquant. Trois axes sont développés dans cette thèse. Dans un premier temps, nous avons implémenté différentes attaques par observations sur des cartes graphiques en utilisant l'API OpenCL. Ces implémentations sont plus performantes que les implémentations classiques, ce qui permet à un attaquant de pouvoir traiter plus de données. Dans un second temps, nous avons proposé l'utilisation du MIC dans le cadre des attaques par observations. L'avantage du MIC, par rapport à l'information mutuelle, est sa facilité de calcul, ne dépendant pas de choix de noyau ou de taille de fenêtre. Son utilisation dans une attaque par observations est donc aisée, même si, la complexité des calculs à effectuer est souvent très importante. Enfin, nous avons introduit une nouvelle attaque, basée sur la distribution jointe de l'entrée et de la sortie de fonction cryptographique. Si cette distribution varie en fonction de la valeur de la clé impliquée par la fonction, on est capable de retrouver la clé secrète utilisée par le composant. Cette nouvelle attaque a la particularité de ne nécessiter ni la connaissance du texte clair, ni la connaissance du texte chiffré, ce qui lui permet d'être efficace même en présence de certaines contre-mesures. / The main subject of this manuscript is the Side Channel Attacks. These attacks investigate the variation of device emanations to retrieve a secret key. These emanations can be the power consumption, the electromagnetic radiation, etc. Most of the time, those attacks use statistical methods to examine the relationship between the emanations and some leakage models supposed by the attacker. Three main axis are developed here. First, we have implemented many side channel attacks on GPGPU using the API OpenCL. These implementations are more effective than the classical ones, so an attacker can exploit more data. Then, in order to provide a new side channel attack, we have suggested the use of a new dependency measurement proposed by Reshef et al., the MIC. The MIC is more advantageous than the mutual information, because its computation does not depend of a kernel choice nor a windows size. So, its use in side channel analysis is simple, even if the time complexity is large. Finally, we have introduced a new attack based on the join distribution of the input and the output of a cryptographic sub-function. If the distribution depends on the key used in the function, we can retrieve the secret key. This attack can be efficient even in presence of some countermeasures because it does not required the knowledge of both plain text or cipher text.

Cryptographie

Carte à puce

Attaques par canaux cachés

Cryptanalyse

Statistique

Cryptography

Smart card

Compromising signals

Side channel attack

Cryptanalysis

Statistical

004

Cryptographie à base de courbes elliptiques et sécurité de composants embarqués / Elliptic curve cryptography and security of embedded devices

Verneuil, Pierre

13 June 2012

Les systèmes cryptographiques à base de courbes elliptiques sont aujourd'hui de plus en plus employés dans les protocoles utilisant la cryptographie à clef publique. Ceci est particulièrement vrai dans le monde de l'embarqué qui est soumis à de fortes contraintes de coût, de ressources et d'efficacité, car la cryptographie à base de courbes elliptiques permet de réduire significativement la taille des clefs utilisées par rapport aux systèmes cryptographiques précédemment employés tels que RSA (Rivest-Shamir-Adleman). Les travaux qui suivent décrivent dans un premier temps l'implantation efficace et sécurisée de la cryptographie à base de courbes elliptiques sur des composants embarqués, en particulier des cartes à puce. La sécurisation de ces implantations nécessite de prendre en compte les attaques physiques dont un composant embarqué peut être la cible. Ces attaques incluent notamment les analyses par canaux auxiliaires qui consistent à observer le comportement d'un composant pendant qu'il manipule une valeur secrète pour en déduire de l'information sur celle-ci, et les analyses par faute dans lesquelles un attaquant peut perturber un composant dans le même but.Dans la seconde partie de ce mémoire de thèse, nous étudions ces attaques et leurs implications concernant l'implantation des systèmes cryptographiques à clef publique les plus répandus. De nouvelles méthodes d'analyse et de nouvelles contre-mesures sont en particulier proposées. Une étude spécifique de certaines attaques appliquées à l'algorithme de chiffrement par bloc AES est également présentée. / Elliptic curve based cryptosystems are nowadays increasingly used in protocols involving public-key cryptography. This is particularly true in the context of embedded devices which is subject to strong cost, resources, and efficiency constraints, since elliptic curve cryptography requires significantly smaller key sizes compared to other commonly used cryptosystems such as RSA.The following study focuses in a first time on secure and efficient implementation of elliptic curve cryptography in embedded devices, especially smart cards. Designing secure implementations requires to take into account physical attacks which can target embedded devices. These attacks include in particular side-channel analysis which may infer information on a secret key manipulated by a component by monitoring how it interacts with its environment, and fault analysis in which an adversary can disturb the normal functioning of a device in the same goal.In the second part of this thesis, we study these attacks and their impact on the implementation of the most used public-key cryptosystems. In particular, we propose new analysis techniques and new countermeasures for these cryptosystems, together with specific attacks on the AES block cipher.

Cryptographie

Analyse par canaux auxilliaires

Courbes elliptiques

Rsa

Multiplication scalaire

Exponentiation

Cryptography

Side-channel analysis

Elliptic curves

Rsa

Scalar multiplication

Exponentiation

Etude de la sécurité d’algorithmes de cryptographie embarquée vis-à-vis des attaques par analyse de la consommation de courant / Study of the security of embedded cryptography algorithms facing power consumption analysis attacks

Wurcker, Antoine

23 October 2015

La cryptographie prend une place de plus en plus importante dans la vie des sociétés depuis que ses utilisateurs se rendent compte de son importance pour sécuriser divers aspects de la vie, depuis les moyens de paiement, de communication et de sauvegarde des éléments de la vie privée des citoyens, jusqu'à la sécurité nationale des pays et de leurs armées. Depuis une vingtaine d'années on sait que les algorithmes de cryptographie ne doivent pas seulement être sûrs mathématiquement parlant, mais que leurs implémentations dans un dispositif les rendent vulnérables à d'autres menaces par des voies d'informations alternatives : les canaux auxiliaires. Que ce soit la consommation électrique, le temps ou les émissions électromagnétiques, ... ces biais ont été évalués et depuis leur découverte les recherches de nouvelles attaques et protections se succèdent afin de garantir la sécurité des algorithmes. La présente thèse s'inscrit dans ce processus et présente plusieurs travaux de recherche traitant d'attaques et de contre-mesures dans le domaine de l'exploitation de canaux auxiliaires et d'injections de fautes. Une première partie présente des contributions classiques où l'on cherche à retrouver une clef cryptographique lorsque la seconde s’attelle à un domaine moins étudié pour l'instant consistant à retrouver les spécifications d'un algorithme tenu secret. / Cryptography is taking an ever more important part in the life of societies since the users are realising the importance to secure the different aspects of life from citizens means of payment, communication and records of private life to the national securities and armies. During the last twenty years we learned that to mathematically secure cryptography algorithms is not enough because of the vulnerabilities brought by their implementations in a device through an alternative means to get information: side channels. Whether it is from power consumption, time or electromagnetic emissions ... those biases have been evaluated and, since their discovery, the researches of new attacks follow new countermeasures in order to guarantee security of algorithms. This thesis is part of this process and shows several research works about attacks and countermeasures in the fields of side channel and fault injections analysis. The first part is about classic contributions where an attacker wants to recover a secret key when the second part deals with the less studied field of secret specifications recovery.

Cryptographie

Canaux auxiliaires

AES

DPA

CPA

IFA

Rétro-conception

SCARE

FIRE

Cryptography

Side channel

AES

DPA

CPA

IFA

Reverse engineering

SCARE

FIRE

005.8

Exploiting On-Chip Voltage Regulators as a Countermeasure Against Power Analysis Attacks

Yu, Weize

24 May 2017

Non-invasive side-channel attacks (SCA) are powerful attacks which can be used to obtain the secret key in a cryptographic circuit in feasible time without the need for expensive measurement equipment. Power analysis attacks (PAA) are a type of SCA that exploit the correlation between the leaked power consumption information and processed/stored data. Differential power analysis (DPA) and leakage power analysis (LPA) attacks are two types of PAA that exploit different characteristics of the side-channel leakage profile. DPA attacks exploit the correlation between the input data and dynamic power consumption of cryptographic circuits. Alternatively, LPA attacks utilize the correlation between the input data and leakage power dissipation of cryptographic circuits. There is a growing trend to integrate voltage regulators fully on-chip in modern integrated circuits (ICs) to reduce the power noise, improve transient response time, and increase power efficiency. Therefore, when on-chip voltage regulation is utilized as a countermeasure against power analysis attacks, the overhead is low. However, a one-to-one relationship exists between the input power and load power when a conventional on-chip voltage regulator is utilized. In order to break the one-to-one relationship between the input power and load power, two methodologies can be considered: (a) selecting multi-phase on-chip voltage regulator and using pseudo-random number generator (PRNG) to scramble the activation or deactivation pattern of the multi-phase voltage regulator in the input power profile, (b) enabling random voltage/scaling on conventional on-chip voltage regulators to insert uncertainties to the load power profile. In this dissertation, on-chip voltage regulators are utilized as lightweight countermeasures against power analysis attacks. Converter-reshuffling (CoRe) technique is proposed as a countermeasure against DPA attacks by using a PRNG to scramble the input power profile. The time-delayed CoRe technique is designed to eliminate machine learning-based DPA attacks through inserting a certain time delay. The charge-withheld CoRe technique is proposed to enhance the entropy of the input power profile against DPA attacks with two PRNGs. The security-adaptive (SA) voltage converter is designed to sense LPA attacks and activate countermeasure with low overhead. Additionally, three conventional on-chip voltage regulators: low-dropout (LDO) regulator, buck converter, and switched-capacitor converter are combined with three different kinds of voltage/frequency scaling techniques: random dynamic voltage and frequency scaling (RDVFS), random dynamic voltage scaling (RDVS), and aggressive voltage and frequency scaling (AVFS), respectively, against both DPA and LPA attacks.

Hardware security

Side-channel attacks

Differential power analysis attacks

Leakage power analysis attacks

On-chip voltage regulation

Computer Engineering

Electrical and Computer Engineering