半導體產業是現今支持著電子設備發展中重要的一環,在蓬勃發展之際人們也對於晶片本身的資訊安全性提升了關注,開始注意此晶片是否容易被駭客攻擊進而導致重要且隱密的資料外洩。在眾多的攻擊手段之一,旁通道攻擊 (side-channel attack) 被認為是低成本高成功率方法之一。旁通道攻擊是基於設備進行加密過程中所洩漏之物理資訊,例如:電磁洩漏,功耗監控及溫度變化,來對系統進行進一步破解。本篇論文的目的為監控晶片在進行AES128加密時,晶片上各區域所產生的溫度變化來進行區域性旁通道分析,並進一步尋找該晶片中可能洩漏資訊的瓦當作我們的興趣點 (points of interest, POI),最後利用這些興趣點來進行旁通道攻擊,而攻擊模型的建置是利用機器學習來搭建。最後我們成功地利用提出的興趣點選取法找出了晶片上最易洩漏資訊之區域,並利用該區域破解了AES128,並且經過興趣點選擇後再次破解所需的Simulation Measurement-to-Disclosure (SMTD)低於沒有經過最佳化選擇的20%至40%。這篇論文的成果可以幫助晶片設計人員進行矽前評估 (pre-silicon evaluation) 來尋找晶片上可能洩漏資訊的區域並加以改進,以確保晶片設計中無重大的缺陷來對抗外在的旁通道攻擊。
Semiconductor industry is important in the production of electronic devices. As the industry booms, the concerns about the information security of the chips increased. Side-channel attacks aims at extracting secret information through physical parameters leaked by a system during an encryption, such as electromagnetic emission, power consumption and temperature change. The purpose of this paper is to perform a location based thermal side-channel analysis by monitoring the temperature changes in each tile of a chip during the AES-128 encryption, and further look for the points of interest (POI) that leak information. We make use of these points to do a thermal side-channel attack based on machine learning methodology. The results of this research show that we successfully find leakage POI to perform a decryption of AES-128. With POI selection, the Simulation Measurement-to-Disclosure (SMTD) is 20% to 40% lower compared to no POI selection. The proposed system helps chip designers to conduct a pre-silicon evaluation to identify possible leakage area and design weaknesses.