Quantitative Analysis of Timing Channel Security in Cryptographic Hardware Design

Cryptographic cores are known to leak information about their private key due to runtime variations, and there are many well-known attacks that can exploit this timing channel. In this work, we study how information theoretic measures can quantify the amount of key leakage that can be exacted from runtime measurements. We develop and analyze twenty two RSA hardware designs – each with unique performance optimizations, timing channel mitigation techniques or discretization/randomization countermeasures. We demonstrate the effectiveness of information theoretic measures for quantifying timing leakage through correlation analysis of information theoretic measurements and attack results. Experimental results show that mutual information is a promising technique for quantifying timing leakage for RSA, AES and ECC ciphers, i.e., the mutual information correlates to being able to successfully guess the value of the private key. This is an important step towards a hardware security metric which allows designers to reason about security alongside traditional hardware design metrics like area, performance, and power.