Saideep Sreekumar,Mohammed Ashraf,Mohammed Nabeel,Ozgur Sinanoglu,Johann Knechtel

DOI: https://doi.org/10.48550/arXiv.2211.08046

2022-11-15

Abstract:Power side-channel (PSC) attacks are well-known threats to sensitive hardware like advanced encryption standard (AES) crypto cores. Given the significant impact of supply voltages (VCCs) on power profiles, various countermeasures based on VCC tuning have been proposed, among other defense strategies. Driver strengths of cells, however, have been largely overlooked, despite having direct and significant impact on power profiles as well. For the first time, we thoroughly explore the prospects of jointly tuning driver strengths and VCCs as novel working principle for PSC-attack countermeasures. Toward this end, we take the following steps: 1) we develop a simple circuit-level scheme for tuning; 2) we implement a CAD flow for design-time evaluation of ASICs, enabling security assessment of ICs before tape-out; 3) we implement a correlation power analysis (CPA) framework for thorough and comparative security analysis; 4) we conduct an extensive experimental study of a regular AES design, implemented in ASIC as well as FPGA fabrics, under various tuning scenarios; 5) we summarize design guidelines for secure and efficient joint tuning. In our experiments, we observe that runtime tuning is more effective than static tuning, for both ASIC and FPGA implementations. For the latter, the AES core is rendered >11.8x (i.e., at least 11.8 times) as resilient as the untuned baseline design. Layout overheads can be considered acceptable, with, e.g., around +10% critical-path delay for the most resilient tuning scenario in FPGA. We will release source codes for our methodology, as well as artifacts from the experimental study, post peer-review.

Cryptography and Security,Hardware Architecture

Jitendra Bhandari,Mohammed Nabeel,Likhitha Mankali,Ozgur Sinanoglu,Ramesh Karri,Johann Knechtel

2024-07-21

Abstract:This paper presents a novel defense strategy against static power side-channel attacks (PSCAs), a critical threat to cryptographic security. Our method is based on (1) carefully tuning high-Vth versus low-Vth cell selection during synthesis, accounting for both security and timing impact, and (2), at runtime, randomly switching the operation between these cells. This approach serves to significantly obscure static power patterns, which are at the heart of static PSCAs. Our experimental results on a commercial 28nm node show a drastic increase in the effort required for a successful attack, namely up to 96 times more traces. When compared to prior countermeasures, ours incurs little cost, making it a lightweight defense.

Cryptography and Security

Miao,Jungmin Park,Adib Nahiyan,Apostol Vassilev,Yier Jin,Mark Tehranipoor

DOI: https://doi.org/10.48550/arXiv.1901.05909

2019-01-18

Abstract:Power side-channel attacks (SCAs) have become a major concern to the security community due to their non-invasive feature, low-cost, and effectiveness in extracting secret information from hardware implementation of cryto algorithms. Therefore, it is imperative to evaluate if the hardware is vulnerable to SCAs during its design and validation stages. Currently, however, there is little-known effort in evaluating the vulnerability of a hardware to SCAs at early design stage. In this paper, we propose, for the first time, an automated framework, named RTL-PSC, for power side-channel leakage assessment of hardware crypto designs at register-transfer level (RTL) with built-in evaluation metrics. RTL-PSC first estimates power profile of a hardware design using functional simulation at RTL. Then it utilizes the evaluation metrics, comprising of KL divergence metric and the success rate (SR) metric based on maximum likelihood estimation to perform power side-channel leakage (PSC) vulnerability assessment at RTL. We analyze Galois-Field (GF) and Look-up Table (LUT) based AES designs using RTL-PSC and validate its effectiveness and accuracy through both gate-level simulation and FPGA results. RTL-PSC is also capable of identifying blocks inside the design that contribute the most to the PSC vulnerability which can be used for efficient countermeasure implementation.

Cryptography and Security

Pouya Narimani,Meng Wang,Ulysse Planta,Ali Abbasi

2024-10-15

Abstract:Power side-channel (PSC) attacks are widely used in embedded microcontrollers, particularly in cryptographic applications, to extract sensitive information. However, expanding the applications of PSC attacks to broader security contexts in the embedded systems domain faces significant challenges. These include the need for specialized hardware setups to manage high noise levels in real-world targets and assumptions regarding the attacker's knowledge and capabilities. This paper systematically analyzes these challenges and introduces a novel signal-processing method that addresses key limitations, enabling effective PSC attacks in real-world embedded systems without requiring hardware modifications. We validate the proposed approach through experiments on real-world black-box embedded devices, verifying its potential to expand its usage in various embedded systems security applications beyond traditional cryptographic applications.

Cryptography and Security

Nithyashankari Gummidipoondi Jayasankaran,Hao Guo,Satwik Patnaik,Jeyavijayan,Rajendran,Jiang Hu

2023-07-06

Abstract:The various benefits of multi-tenanting, such as higher device utilization and increased profit margin, intrigue the cloud field-programmable gate array (FPGA) servers to include multi-tenanting in their infrastructure. However, this property makes these servers vulnerable to power side-channel (PSC) attacks. Logic designs such as ring oscillator (RO) and time-to-digital converter (TDC) are used to measure the power consumed by security critical circuits, such as advanced encryption standard (AES). Firstly, the existing works require higher minimum traces for disclosure (MTD). Hence, in this work, we improve the sensitivity of the TDC-based sensors by manually placing the FPGA primitives inferring these sensors. This enhancement helps to determine the 128-bit AES key using 3.8K traces. Secondly, the existing defenses use ROs to defend against PSC attacks. However, cloud servers such as Amazon Web Services (AWS) block design with combinatorial loops. Hence, we propose a placement-based defense. We study the impact of (i) primitive-level placement on the AES design and (ii) additional logic that resides along with the AES on the correlation power analysis (CPA) attack results. Our results showcase that the AES along with filters and/or processors are sufficient to provide the same level or better security than the existing defenses.

Cryptography and Security

Xinjie Zhao,Fan Zhang,Shize Guo,Tao Wang,Zhijie Shi,Huiying Liu,Keke Ji

DOI: https://doi.org/10.1007/978-3-642-29912-4_17

2012-01-01

Abstract:Algebraic side-channel attack (ASCA) is a powerful cryptanalysis technique different from conventional side-channel attacks. This paper studies ASCA from three aspects: enhancement, analysis and application. To enhance ASCA, we propose a generic method, called Multiple Deductions-based ASCA (MDASCA), to cope the multiple deductions caused by inaccurate measurements or interferences. For the first time, we show that ASCA can exploit cache leakage models. We analyze the attacks and estimate the minimal amount of leakages required for a successful ASCA on AES under different leakage models. In addition, we apply MDASCA to attack AES on an 8-bit microcontroller under Hamming weight leakage model, on two typical microprocessors under access driven cache leakage model, and on a 32-bit ARM microprocessor under trace driven cache leakage model. Many better results are achieved compared to the previous work. The results are also consistent with the theoretical analysis. Our work shows that MDASCA poses great threats with its excellence in error tolerance and new leakage model exploitation.

Lu Zhang,Dejun Mu,Jingyu Wang,Ruoyang Liu,Yifan He,Yaolei Li,Yu Tai,Shengbing Zhang,Xiaoya Fan,Huazhong Yang,Yongpan Liu

DOI: https://doi.org/10.1109/tcad.2024.3394372

2024-01-01

Abstract:As domain-specific training data is recognized as valuable intellectual property, acquiring well-trained weights in convolutional neural networks (CNN) has emerged as a new threat to the neural network design community. To design a CNN accelerator that is resilient to side-channel threats, it is crucial to have an accurate and efficient security-driven framework at the early design stage. However, there is no standard way to perform root-cause analysis on the power side channel that exists in FPGA-based CNN accelerators. Therefore, we build RE-Specter, , a framework that facilitates security-driven design space exploration (DSE) across various building components, combination patterns, and parallelism configurations in CNNs. The goal is to fully understand the power side-channel effects resulting from architectural modifications or optimization decisions. We further compare the benchmarks considering precision, resource utilization, and power side-channel leakage. Finally, we experimentally explore the design space of various architectural features. The experimental results show that low-bit precision delivers more secure architectures (68.9x x among DSPs, 2439x x among LUTs) in measurement-to-disclosure (MTD), but mixed- precision strategies are necessary to maintain the model accuracy. For loop optimization, in 16-parallel scenario, accumulator-based architecture outperforms the architecture featuring an adder tree with the improvements of 8.28x in MTD and 1.38x in PST.

Jianlei Yang,Chenguang Wang,Yici Cai,Qiang Zhou

DOI: https://doi.org/10.1109/fpt.2014.7082770

2014-01-01

Abstract:Side Channel Attack (SCA) aims to extract the secret information from cryptography chips by analyzing the leakage of physical parameters. Power analysis based SCA is a popular approach to obtain secret keys by monitoring the power consumption of cryptography chips. However, most SCA evaluation methods are performed on FPGA platforms while many parasitic physical effects cannot be revealed before the cryptography chips are taped out. Roughly ignoring these effects will significantly increase the attack difficulties due to the corresponding measurement noise. Power supply noise has been observed to be critical for power analysis based SCA. This paper demonstrates a power supply noise aware evaluation framework for practical side channel attack from cryptography system design to physical design. On-chip power delivery network is implemented among physical design stage. Consequently the supply noise of power network can be explored according to the post-layout implementation. Additionally, the countermeasures of cryptography chips could be enhanced by on-chip decapacitors placement due to its influences on the characteristics of power delivery network.

Shize Guo,Xinjie Zhao,Fan Zhang,Tao Wang,Zhijie Jerry Shi,Francois-Xavier Standaert,Chujiao Ma

DOI: https://doi.org/10.1109/tifs.2014.2315534

IF: 7.231

2014-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Algebraic side-channel attack (ASCA) is a typical technique that relies on a general solver to solve the equations of a cipher and its side-channel leaks. It falls under analytical side-channel attack and can recover the entire key at once. Many ASCAs are proposed against the AES, and they utilize the Grobner basis-based, SAT-based, or optimizer-based solver. The advantage of the general solver approach is its generic feature, which can be easily applied to different cryptographic algorithms. The disadvantage is that it is difficult to take into account the specialized properties of the targeted cryptographic algorithms. The results vary depending on what type of solver is used, and the time complexity is quite high when considering the error-tolerant attack scenarios. Thus, we were motivated to find a new approach that would lessen the influence of the general solver and reduce the time complexity of ASCA. This paper proposes a new analytical side-channel attack on AES by exploiting the incomplete diffusion feature in one AES round. We named our technique incomplete diffusion analytical side-channel analysis (IDASCA). Different from previous ASCAs, IDASCA adopts a specialized approach to recover the secret key of AES instead of the general solver. Extensive attacks are performed against the software implementation of AES on an 8-bit microcontroller. Experimental results show that: 1) IDASCA can exploit the side-channel leaks in all AES rounds using a single power trace; 2) it has less time complexity and more robustness than previous ASCAs, especially when considering the error-tolerant attack scenarios; and 3) it can calculate the reduced key search space of AES for the given amount of side-channel leaks. IDASCA can also interpret the mechanism behind previous ASCAs on AES from a quantitative perspective, such as why ASCA can work under unknown plaintext/ciphertext scenarios and what are the extreme cases in ASCAs.

Yan Ting Ren,Li Ji Wu

DOI: https://doi.org/10.4028/www.scientific.net/amr.718-720.2376

2013-01-01

Advanced Materials Research

Abstract:In order to test the security of cryptographic devices against Side Channel Attacks (SCA), an automatic general-purpose power analysis system (TH-PAS-01) is designed and implemented. TH-PAS-01 is scalable and can be applied to many cryptographic devices when specific modules are installed. Using the system TH-PAS-01, correlation power analysis (CPA) are carried out on an AES chip under two working models: normal and shuffling mode. The security level of the countermeasure provided by the target chip is verified by TH-PAS-01. The experimental results show that the correct key of the AES chip is obtained with around 50,000 power traces when the chip was working under normal mode, while the whole key bits are not obtained with 960,000 power traces when the chip works under shuffling mode. The automatic general-purpose system TH-PAS-01 is feasible for security analysis on power analysis for cryptographic devices.

Titu Mary Ignatius,Thockchom Birjit Singha,Roy Paily Palathinkal

DOI: https://doi.org/10.1109/access.2024.3477961

IF: 3.9

2024-10-19

IEEE Access

Abstract:With the advancement of IoT edge devices, the threat to sensitive data processed at these devices is increasing. This research aims to enhance processor's built-in resilience against power analysis attacks (PAA) by expanding pipeline stages, employing diverse pipeline techniques, and integrating additional features. The paper proposes 32-bit RISC-V core micro-architectures with inbuilt cryptographic capabilities, extending the RISC-V ISA with custom AES instructions to reduce energy consumption, code size, and encryption time compared to software AES solutions. An area-efficient 128-bit, 12-clock AES based on the Masoleh S-box is integrated into the RISC-V core, resulting in low area and power overheads. Two cores are presented: Core1, a 3-stage pipelined core with a software pause, and Core2, a 4-stage pipelined core with a hardware pause for securing data with AES instructions. Despite their vulnerabilities, the integration of AES with RISC-V architecture significantly improves their intrinsic resilience against PAA. This work analyses the vulnerability and improvement in intrinsic resilience of these cores to side-channel attacks, the impact of hardware versus software pause and the effect of pipeline stages on security metrics. The proposed designs are validated on a Xilinx Basys3 FPGA and developed in UMC 65 nm technology node. Power traces generated during AES encryption are extracted using Synopsys PrimeTime PX and analyzed with a MATLAB power attack model to successfully recover all key bytes. Core1 and Core2 achieved higher throughput of and , respectively, than the Arm CryptoCell312. Core2's added circuits for hardware pause and increased number of pipeline stages significantly boost performance and enhance security against power attacks, with only a modest increase in area and power consumption.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xinjie Zhao,Tao Wang,Shize Guo,Fan Zhang,Zhijie Shi,Huiying Liu,Kehui Wu

2011-01-01

Abstract:Introduced in 2009, Algebraic Side-Channel Attack (ASCA) has become a very effective cryptanalysis technique that is different from conventional side-channel attacks such as DPA and CPA. In this paper, we propose an innovative and generic attack framework named as SATETASCA (SAT based Error Tolerant Algebraic Side-Channel Attack). The proposed framework is effective even if the leakage information is not accurate and has large variants or errors. We show its generality by successfully launching SAT-ETASCA to AES on two different platforms, using different types of leakages. The first attack is to an AES implementation on an 8-bit microcontroller, using the Hamming weight leakage model. We demonstrate that SAT-ETASCA can recover the full key even when the obtained leakage information has about 60% errors. The second attack is based on an innovative idea of applying the external cache …

Haocheng Ma,Jiaji He,Yanjiang Liu,Leibo Liu,Yiqiang Zhao,Yier Jin

DOI: https://doi.org/10.1109/tcad.2020.3024938

2019-01-01

Abstract:Side-Channel Analysis (SCA) attacks are major threats to hardware security. Upon this security threat, various countermeasures at different design layers have been proposed against SCA attacks. These approaches often introduce significant performance overheads and impose high requirements of side-channel security backgrounds to IC designers. In this paper, we propose an automatic computer-aided design (CAD) tool that can enhance the circuit resistance against electromagnetic (EM) SCA attacks. This new tool will guide a security-driven placement process and can be seamlessly integrated into the modern IC design flow. The protected IC design will be resilient to SCA attacks with negligible area and power overheads. In order to develop this tool, we first investigate the root-cause of EM leakage at layout level and mathematically demonstrate the feasibility of security-driven placement through the EM leakage modeling. We then identify that the correlation between the data under protection and the EM leakage can be significantly reduced through data-dependent registers reallocation. Simulation results on cryptographic circuits prove the effectiveness of both the constructed EM leakage model and the EM model based CAD tool for EM security.

Saleh Khalaj Monfared,Domenic Forte,Shahin Tajik

2024-08-31

Abstract:Physical side-channel attacks can compromise the security of integrated circuits. Most physical side-channel attacks (e.g., power or electromagnetic) exploit the dynamic behavior of a chip, typically manifesting as changes in current consumption or voltage fluctuations where algorithmic countermeasures, such as masking, can effectively mitigate them. However, as demonstrated recently, these mitigation techniques are not entirely effective against backscattered side-channel attacks such as impedance analysis. In the case of an impedance attack, an adversary exploits the data-dependent impedance variations of the chip power delivery network (PDN) to extract secret information. In this work, we introduce RandOhm, which exploits a moving target defense (MTD) strategy based on the partial reconfiguration (PR) feature of mainstream FPGAs and programmable SoCs to defend against impedance side-channel attacks. We demonstrate that the information leakage through the PDN impedance could be significantly reduced via runtime reconfiguration of the secret-sensitive parts of the circuitry. Hence, by constantly randomizing the placement and routing of the circuit, one can decorrelate the data-dependent computation from the impedance value. Moreover, in contrast to existing PR-based countermeasures, RandOhm deploys open-source bitstream manipulation tools on programmable SoCs to speed up the randomization and provide real-time protection. To validate our claims, we apply RandOhm to AES ciphers realized on 28-nm FPGAs. We analyze the resiliency of our approach by performing non-profiled and profiled impedance analysis attacks and investigate the overhead of our mitigation in terms of delay and performance.

Cryptography and Security

Rodothea Myrsini Tsoupidi,Roberto Castañeda Lozano,Elena Troubitsyna,Panagiotis Papadimitratos

DOI: https://doi.org/10.48550/arXiv.2207.02614

2022-12-03

Abstract:Side-channel attacks impose a serious threat to cryptographic algorithms, including widely employed ones, such as AES and RSA. These attacks take advantage of the algorithm implementation in hardware or software to extract secret information via side channels. Software masking is a mitigation approach against power side-channel attacks aiming at hiding the secret-revealing dependencies from the power footprint of a vulnerable implementation. However, this type of software mitigation often depends on general-purpose compilers, which do not preserve non-functional properties. Moreover, microarchitectural features, such as the memory bus and register reuse, may also leak secret information. These abstractions are not visible at the high-level implementation of the program. Instead, they are decided at compile time. To remedy these problems, security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation transformations. This paper proposes Secure by Construction Code Generation (SecCG), a constraint-based compiler approach that generates optimized yet secure against power side channels code. SecCG controls the quality of the mitigated program by efficiently searching the best possible low-level implementation according to a processor cost model. In our experiments with twelve masked cryptographic functions up to 100 lines of code on Mips32 and ARM Thumb, SecCG speeds up the generated code from 75% to 8 times compared to non-optimized secure code with an overhead of up to 7% compared to non-secure optimized code at the expense of a high compilation cost. In summary, this paper proposes a formal model to generate power side channel free low-level code.

Cryptography and Security,Artificial Intelligence

Hasindu Gamaarachchi,Harsha Ganegoda

DOI: https://doi.org/10.48550/arXiv.1801.00932

2018-01-03

Abstract:Power analysis is a branch of side channel attacks where power consumption data is used as the side channel to attack the system. First using a device like an oscilloscope power traces are collected when the cryptographic device is doing the cryptographic operation. Then those traces are statistically analysed using methods such as Correlation Power Analysis (CPA) to derive the secret key of the system. Being possible to break Advanced Encryption Standard (AES) in few minutes, power analysis attacks have become a serious security issue for cryptographic devices such as smart card. As the first phase of our project, we build a testbed for doing research on power analysis attacks. As power analysis is a practical type of attack in order to do any research, a testbed is the first requirement. Since building a test bed is a complicated process, having a pre-built testbed would save the time of future researchers. The second phase of our project is to attack the latest cryptographic algorithm called Speck which has been released by National Security Agency (NSA) for use in embedded systems. In spite it has lot of differences to AES making impossible to directly use the power analysis approach used for AES, we introduce novel approaches to break Speck in less than an hour. In the third phase of the project, we select few already introduced countermeasures and practically attack them on our testbed to do a comparative analysis. We show that software countermeasures such as random instruction injection and randomly shuffling S-boxes are good enough for their simplicity and cost. But we identify the possible threat due to the problem of generating a good seed for the pseudo-random algorithm running on the microcontroller. We attempt to address this issue by using a hardware-based true random generator that amplifies a random electrical signal and samples to generate a proper seed.

Cryptography and Security

Muhammad Arsath K F,Vinod Ganesan,Rahul Bodduna,Chester Rebeiro

DOI: https://doi.org/10.1109/HOST45689.2020.9300263

2019-11-20

Abstract:The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app fingerprinting, reverse engineering of firmware, and password recovery are growing threats. Countermeasures proposed so far are tuned to specific applications, such as crypto-implementations. They are not scalable to the large number and variety of applications that typically run on a general purpose microprocessor. In this paper, we investigate the design of a microprocessor, called PARAM with increased resistance to power based side-channel attacks. To design PARAM, we start with identifying the most leaking modules in an open-source RISC V processor. We evaluate the leakage in these modules and then add suitable countermeasures. The countermeasures depend on the cause of leakage in each module and can vary from simple modifications of the HDL code ensuring secure translation by the EDA tools, to obfuscating data and address lines thus breaking correlation with the processor's power consumption. The resultant processor is instantiated on the SASEBO-GIII FPGA board and found to resist Differential Power Analysis even after one million power traces. Compared to contemporary countermeasures for power side-channel attacks, overheads in area and frequency are minimal.

Cryptography and Security

Kevin Immanuel Gubbi,Banafsheh Saber Latibari,Muhtasim Alam Chowdhury,Afrooz Jalilzadeh,Erfan Yazdandoost Hamedani,Setareh Rafatirad,Avesta Sasan,Houman Homayoun,Soheil Salehi

DOI: https://doi.org/10.1109/tcsi.2024.3364160

2024-01-01

Abstract:The globalization of the manufacturing process and the supply chain for electronic hardware has been driven by the need to maximize profitability while lowering risk in a technologically advanced silicon sector. However, many hardware IPs’ security features have been broken because of the rise in successful hardware attacks. Existing security efforts frequently ignore numerous dangers in favor of fixing a particular vulnerability. This inspired the development of a unique method that uses emerging spin-based devices to obfuscate circuitry to secure hardware intellectual property (IP) during fabrication and the supply chain. We propose an Optimized and Automated Secure IC (OASIC) Design Flow, a defense-in-depth approach that can minimize overhead while maximizing security. Our EDA tool flow uses a dynamic obfuscation method that employs dynamic lockboxes, which include switch boxes and magnetic random access memory (MRAM)-based look-up tables (LUT) while offering minimal overhead and being flexible and resilient against modern SAT-based attacks and power side-channel attacks. An EDA tool flow for optimized lockbox insertion is also developed to generate SAT-resilient design netlists with the least power and area overhead. PPA metrics and security (SAT attack time) are provided to the designer for each lockbox insertion run. A verification methodology is provided to verify locked and unlocked designs for functional correctness. Finally, we use ISCAS’85 benchmarks to show that the EDA tool flow provides a secure hardware netlist with maximum security while considering power and area constraints. Our results indicate that the proposed OASIC design flow can maximize security while incurring less than 15% area overhead and maintaining a similar power footprint compared to the original design. OASIC design flow demonstrates improved performance as design size increases, which demonstrates the scalability of the proposed approach.

engineering, electrical & electronic

Tao Zhang,Xiao-Yu Zheng,Ming-Yu Fan,Jian-Bo Yao

2009-01-01

Abstract:Side-channel analysis (SCA) is a powerful physical cryptanalysis. However, traditional SCA security evaluation is time-consuming, error prone and expensive. In order to improve the efficiency of security evaluation, a design-time SCA analysis method is proposed. Firstly, a general SCA leakage model is presented, and the analysis flow of design-time SCA is described. Secondly, a flexible simulation and analysis environment is built to evaluate the security of different SCA leakages. Finally, an illustrative experiment, which performs a design-time SCA evaluation on the crypto-chip with AES-128 core, is given. Compared with traditional SCA analysis method, our approach can detect SCA vulnerability and evaluate the quality of SCA countermeasures at design time, and thus it reduces time-to-market greatly.

Jianbo Yao,Tao Zhang

DOI: https://doi.org/10.1109/auteee60196.2023.10407457

2023-01-01

Abstract:SCA is an influential method used in physical cryptanalysis. Generally, the assessment of SCA security is carried out post-production in typical industrial procedures. This post-production analysis, however, is prone to errors, costly, and time intensive. Thus, to heighten efficiency, it has been proposed to carry out SCA analysis during design-time, drawing inspiration from the ethos of hardware/software co-design. This paper first introduces the limitations of traditional embedded system software/hardware design and the process of software/hardware co-design and a general SCA leakage model, followed by an overview of the process behind a design-time security analysis. Next, we establish a versatile simulation and analytical framework to evaluate various SCA leakages. In conclusion, we provide a demonstrated experiment that carries out a design data SCA analysis for the crypto-chip integrated having an AES-128 core.