Table of Contents
Fetching ...

Power Side-Channel Analysis of the CVA6 RISC-V Core at the RTL Level Using VeriSide

Behnam Farnaghinejad, Antonio Porsia, Annachiara Ruospo, Alessandro Savino, Stefano Di Carlo, Ernesto Sanchez

TL;DR

This work addresses the risk of power side-channel leakage in a contemporary CVA6 RISC-V core during software AES execution. It introduces VeriSide, a scalable RTL-level power-profiling framework that derives Hamming distance/weight traces directly from RTL simulations, avoiding large waveform files. Using Pearson correlation-based CPA, the authors demonstrate leakage sufficient to recover several key bytes and show that plaintext distribution heavily influences attack success, highlighting practical risks in RTL pre-silicon stages. The results advocate integrating early RTL security assessments into RISC-V design flows and motivate future work on countermeasures and extension to the RISC-V scalar cryptography extension. Overall, the paper provides a concrete RTL-level methodology for assessing side-channel resilience and underscores the importance of pre-fabrication security analysis.

Abstract

Security in modern RISC-V processors demands more than functional correctness: It requires resilience to side-channel attacks. This paper evaluates the vulnerability of the side channel of the CVA6 RISC-V core by analyzing software-based AES encryption uses an RTL-level power profiling framework called VeriSide. This work represents that this design's Correlation Power Analysis (CPA) reveals significant leakage, enabling key recovery. These findings underscore the importance of early-stage RTL assessments in shaping future secure RISC-V designs.

Power Side-Channel Analysis of the CVA6 RISC-V Core at the RTL Level Using VeriSide

TL;DR

This work addresses the risk of power side-channel leakage in a contemporary CVA6 RISC-V core during software AES execution. It introduces VeriSide, a scalable RTL-level power-profiling framework that derives Hamming distance/weight traces directly from RTL simulations, avoiding large waveform files. Using Pearson correlation-based CPA, the authors demonstrate leakage sufficient to recover several key bytes and show that plaintext distribution heavily influences attack success, highlighting practical risks in RTL pre-silicon stages. The results advocate integrating early RTL security assessments into RISC-V design flows and motivate future work on countermeasures and extension to the RISC-V scalar cryptography extension. Overall, the paper provides a concrete RTL-level methodology for assessing side-channel resilience and underscores the importance of pre-fabrication security analysis.

Abstract

Security in modern RISC-V processors demands more than functional correctness: It requires resilience to side-channel attacks. This paper evaluates the vulnerability of the side channel of the CVA6 RISC-V core by analyzing software-based AES encryption uses an RTL-level power profiling framework called VeriSide. This work represents that this design's Correlation Power Analysis (CPA) reveals significant leakage, enabling key recovery. These findings underscore the importance of early-stage RTL assessments in shaping future secure RISC-V designs.
Paper Structure (7 sections, 2 equations, 2 figures, 1 table)

This paper contains 7 sections, 2 equations, 2 figures, 1 table.

Figures (2)

  • Figure 1: Power Traces (SA) of the Actual Keys
  • Figure 2: Maximum Correlation Over Time