Design of side-channel resistant power monitors
Zoni, Davide; Cremona, Luca; Fornaciari, William
2022-01-01
Abstract
In modern computing platforms, power monitors are employed to deliver online power estimates to support different run-time power-performance optimization methodologies. However, the possibility of setting up a successful side-channel attack by analyzing the power estimates imposes the use of a suitable and systematic approach in the design of such power monitors. This paper proposes a design methodology to automatically identify and implement side-channel resistant power monitors at the hardware level, for generic computing platforms. The methodology works by designing a power monitor for which the switching activity of the signals used to compute the power estimates is not a function of both the secret key and the plaintext/ciphertext values processed by the computing platform. According to the most recent standardized methodologies to assess the side-channel security, our experimental validation leverages both CPA and t-test analysis considering a general purpose System-on-Chip executing different cryptographic primitives and an application-specific accelerator implementing the AES-128 algorithm. Our results confirm the impossibility of retrieving the secret key from the power estimates provided by our side-channel resistant power monitor. Considering several temporal resolutions, we highlight an accuracy error of the power estimates limited to less than 2.7%, as well as an average area and power overheads for the protected power monitors lower than 6% and 5%, respectively. To this end, the proposed methodology is able to deliver a side-channel resistant power monitor within state-of-the-art accuracy error and overheads.

File | Access | Description | Type | Size | Format |
---|---|---|---|---|---|
Design_of_side-channel_resistant_power_monitors.pdf | Open access | Early access | Pre-Print (or Pre-Refereeing) | 23.39 MB | Adobe PDF |
Design_of_Side-Channel-Resistant_Power_Monitors.pdf | Restricted access | Published version | Publisher's version | 2.73 MB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.