Effectiveness of Leakage Power Analysis Attacks on DPA-Resistant Logic Styles Under Process Variations

This paper extends the analysis of the effectiveness of Leakage Power Analysis (LPA) attacks to cryptographic VLSI circuits on which circuit level countermeasures against Differential Power Analysis (DPA) are adopted. Security metrics used for assessing the DPA-resistance of crypto core implementations, such as the minimum number to disclosure (MTD) and the asymptotic correlation coefficient, have been extended to the case of LPA. The LPA-resistance has been evaluated in terms of MTD as a function of the on chip noise. Noise variances up to 10000 times greater than the signal variance have been taken into account and LPA attacks have been successfully executed for all the logic styles under analysis using less than 100000 measurements. Moreover the role of process variations has been investigated through extensive Monte Carlo simulations in order to evaluate their impact on the leakage model for the logic styles under analysis. Results show that LPA attacks can be successfully carried out on the different anti-DPA logic styles even in presence of process variations. To the best of our knowledge, this work proves for the first time the effectiveness of LPA attacks in a real scenario where on chip noise and process variations are taken into account.