Pre-silicon evaluation and security enhancement for RISC-V AES extensions
Indexing: OA; Peking University Core Journals (北大核心); CSTPCD
Instruction set architecture (ISA) extensions for cryptographic algorithm acceleration may introduce a risk of side-channel leakage into the processor. A side-channel security evaluation method for the pre-silicon stage is proposed, which can accurately locate the moments and the microarchitectural components that carry side-channel leakage risk while the processor is running. Based on a 32 bit in-order reduced instruction set computer (RISC-V) processor architecture, two representative advanced encryption standard (AES) extension instructions and their extension hardware circuits were implemented, and the proposed evaluation method was then applied to evaluate their side-channel security. Based on the evaluation results, a hybrid protection strategy combining dynamic masking of the extension ports with power randomization of the operation unit was proposed, and pre-silicon security verification was carried out. Finally, an AES ISA extension with high side-channel security was realized. The experimental results show that the proposed hybrid protection strategy improves the side-channel security of the AES extension by more than 1 886 times at an area overhead of 4.9%.
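Zhao Yiqiang (赵毅强); Wei Xin (魏鑫); Li Yao (李尧); He Jiaji (何家骥)
School of Microelectronics, Tianjin University, Tianjin 300072
Electronic and Information Engineering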
Keywords: pre-silicon; side channel; advanced encryption standard (AES); extension instructions; reduced instruction set computer (RISC-V); correlation power analysis
Journal of Huazhong University of Science and Technology (Natural Science Edition), 2024 (003)
7-13 / 7
Supported by the National Key Research and Development Program of China (2021YFB3100903).