Analytical Side Channel EM Models, Extending Simulation Abilities for ICs, and Linking Physical Models to Cryptographic Metrics

Electromagnetic (EM) side channel analysis (SCA) attacks have evolved to a significant threat for integrated circuits (ICs). Radiation, emanated from devices which manipulate sensitive information, carries it with a sufficient signal-to-noise ratio. Security evaluation in design stages, from a model or from a simulation, is complicated and hard to argue for correctness. Extensive literature exist on attacks utilizing EM signals. However, both frontiers of simulatability and modeling of the radiation have shown rather little research effort in the past in the SCA context. On simulatability prior work investigated utilization of complete EM physical solvers, such as COMSOL, HFSS which require much effort from the user/engineer to model the electronic environment, or alternatively used simulated (SPICE) currents within IC's design kits and from it provide analytical estimation. On the modeling side, efforts were mainly limited to either: a specific EM component (e.g., magnetic), very limited scope of the model, or a limited connection with real-life IC. The main contributions of this research are: 1) providing a fully analytical model of the radiated signal considering the ground plane of the substrate and the medium change from oxidation layers to other mediums, such as air or plastic, utilizing EM theory-of-images for both E and H fields; 2) providing methodologies to simulate EM signals on IC-technologies (by adapting Cadence EMX tool); and 3) demonstrating little error between the analytical and simulated models and linking cryptographic SCA security metrics to the analytical tools. The developed model provides significant added value for security architects, faster, premanufacturing evaluation and a verifiability framework through IC tool.