| With the development of hardware design methodology and the complexity of embedded system,electronic system level synthesis is gradually becoming an important cryptographic design methodology,regardless of whether it is for multicore,homogeneous or heterogeneous system.Electronic system level synthesis leverages automated tools and embedded implementation algorithms to schedule the implementation details of the cryptographic hardware design.It can provide the most optimal data flow as well as corresponding control flow for the design under certain constraints.Side channel vulnerabilities are the sorts of security leakage hidden deeply inside cryptographic hardware design.However,traditional cryptographic hardware automation flows are often lack of concerns and recognitions about security properties in side channel when generating the target circuit.And this results in great risks and flaws of different types of side channels existed inside the generated circuit.The thesis aims to comprehensively investigate the side-channel security issues from the perspectives of side-channel secured design,side-channel security evaluation,side-channel security application,respectively.The main research topics and contributions are summarized as follows:(1)We propose a framework for secure cryptographic hardware design and power side channel evaluation in the context of behavioral synthesis.Behavioral synthesis is characterized by its high degree of automation,and the design goal is to generate hardware architectures with higher performance.However,the potential security threats are always ignored by the designers.Aiming at the side channel security issues existed in behavioral synthesis,we propose a side channel secured cryptographic hardware design and evaluation framework in the context of behavioral synthesis.It can help the designers to ensure the security properties module by module from the bottom to the top.The novelty is to incorporate security concerns into architectural designs at the earlier phase of the design process.This enables designers to track the architectural changes that may incur side channel flaws and risks.As a result,designers can select the hardware architectures with high security attributes so that the architectural designs with high risks can be avoided.(2)We propose a behavioral synthesis optimization design space exploration based on memory architectural security in cryptographic hardware.Behavioral synthesis optimization enables to provide different architectural implementation alternaives that meet the same functional goals.Consequently,larger optimal architectural design space is available for hardware designers to make a performance tradeoff.However,the consideration and search in hardware dimension are always ignored in traditional design space exploration.To address this issue,this article presents a design space exploration that considers both performance and security.It expands the side channel attribute to a new design space exploration dimension.By launching architectural design space exploration both in performance and security,it can effectively improve the side channel security within the design during cryptographic hardware automatic design process.This method enables designers to select appropriate architectures that simultaneasly satisfy performance characteristics and security requirements according to application scenarios.(3)We propose a qualitative and quantitative method for side channel security evaluation in the context of behavioral synthesis scenarios.The performance attributes of behavioral synthesis generated cryptographic hardware design can be described through performance indicators such as throughput,resource usage and area.However,there is no unified evaluation index to describe the security attributes of different types of cryptographic hardware architecture.To address the mentioned issues,this article firstly provides coarse-grained qualitative security evaluation through test vector side channel vulnerability assessment.Then by launching real first order power side channel attacks on the benchmarks,the side channel security of those cryptographic designs can be revealed.Simultaneously,the side channel security is quantitatively evaluated and analyzed by the fine-grained security attribute metric.By doing safety test and analysis on different behavioral synthesis generated benchmarks,the effectiveness and accuracy of the proposed qualitative and quantitative side channel evaluation methods can be verified.(4)We propose a side channel vulnerability evaluation method of cryptographic hardware based on clustering theory in machine learning.Artificial intelligence plays an important role in many fields such as computer vision,natural language understanding,intelligent industry and smart home.This article puts forward a side channel leakage assessment method which is based on clustering in machine learning.This method can accurately extract the power side channel leakage characteristics so as to improve the detection efficiency of power side channel leakage.This power side channel leakage detection method can dramatically decrease the amount of data needed for the test while maintaining the detection accuracy for power side channel leakage.As a consequence,the amount of test data and the complexity of data structure required in the leakage detection can be significantly reduced.The effectiveness of the side channel leakage detection method is verified using the benchmarks generated from behavioral synthesis tools.The scheme significantly optimizes the workflow of side channel leakage detection process in cryptographic sub-module.(5)We propose a new type of hardware Trojan which is based on fault injection side channel.The integrated hardware circuit is easily threatened by hardware Trojan in the process of design and manufacture.The hardware Trojan would not threaten the system if it is in the sleepy condition.Once it is activated under certain triggering conditions,it can incur serious damage for the hardware system.This article demonstrates a hardware Trojan design method based on fault injection side channel.It is hidden by leveraging internal don’t care conditions within the hardware circuit,and it can pass most hardware Trojan detection methodologies such as equivalent checking,switching probability,and side channel analysis.It is well hidden unless it is activated by side channel fault attack.Then it starts to leak confidential secrets within the cryptographic algorithms.Then we try to analyze how to use side channel countermeasures to weaken this type of hardware Trojan.Based on the side channel security theory of cryptographic hardware circuit,this thesis conducts the research from three aspects: side channel secured design technology,side channel security assessment technology,side channel security application,respectively.First,a qualitative and quantitative side chanel vulnerability analysis are provided to the cryptographic hardware design automation process in the context of behavioral synthesis optimization so as to enable hardware designers to incorporate security to the traditional hardware design automation process,and to solve the unnecessary side channel issues due to a lack of security concerns in the traditional automated cryptographic hardware design flow.Then,in order to improve the efficiency of side channel leakage assessment in the context of design space exploration in behavioral synthesis,we provide a side channel leakage assessment method based on machine learning in artificial intelligence.This scheme uses the clustering theory in unsupervised learning to launch fast side channel leakage assessment for hardware security checkers.Additionally,we also discuss how to leverage the side channel mechanism to design a new type of hardware Trojan which is based on fault injection side channels. |
