NSF-DFG: SaTC: CORE: Small: Demonstrating Practical Provable Side-channel Security

About This Grant

Side-channel attacks are a type of cyber attack where the adversary learns about what is being calculated by observing external properties such as power consumption or electromagnetic emissions. Side-channel information leakage of this type is a potent threat to cryptographic hardware security, arising from the physical effects of computation. These unintentional emissions can be exploited to extract sensitive data, even when cryptographic algorithms are mathematically secure. This project addresses this critical vulnerability by bridging the gap between theoretical models of side-channel leakage and practical hardware design. The novelties of this project include in the development of advanced physical probing models, scalable validation tools, and provably secure design methods. The project's broader significance and importance are in its potential to fundamentally strengthen the physical security of hardware systems used in everyday technologies by making side-channel security verification more systematic, predictable, and accessible. The research team develops new probing models that reflect real-world adversary capabilities and integrates them into advanced computer-aided design tools. These tools analyze various forms of side-channel leakage and determine the level of physical detail needed for accurate predictions. The research team validates the new probing models by designing and fabricating a reconfigurable integrated circuit. This hardware serves as a testbed to assess the models and to drive model improvements. The team also explores secure-by-construction design techniques that guarantee resistance to side-channel attacks based on formal proofs. The project links experts in secure hardware and formal modeling across international borders and enhances the scientific reach and impact of the work. Results are expected to advance the state of the art in secure hardware design, influence industry practices, and inform educational activities through tutorials and workshops in cryptographic engineering and design automation. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.