A Study on Evaluation Board Requirements for Assessing Vulnerability of Cryptographic Modules to Side-Channel Attacks

We studied for specifying requirements for side-channel attack (SCA) vulnerability evaluation boards. SCAs are a potential threat to cryptographic modules mounted in electronics products. Cryptographic modules are required to be evaluated in terms of vulnerability by using a test board. However, no reasonable requirements for such test boards have been specified. In this paper, we investigated the signal-to-noise ratio (SNR) of side-channel leakage and the transfer impedance from the side-channel leakage source to an observation port where side-channel leakage is probed in an evaluation board. We examined two models of existing SCA vulnerability evaluation boards that implemented the Advanced Encryption Standard (AES). Results suggest that cryptographic modules need to provide SNRs of side-channel leakage greater than 2 dB for implementations of the cryptographic algorithm involving no SCA countermeasures. It is also inferred that the transfer impedance needs to satisfy two conflicting requirements. The transfer impedance should be as large as possible, considering the ease of evaluation. At the same time, the transfer impedance needs to be low enough to suppress fluctuations in the power supply voltage and guarantee evaluation in a state equivalent to the actual operating state of the IC. Coaxial connectors would be recommended to be implemented for increasing the SNR and for reproducibility of measurements.