A State Machine Encoding Methodology Against Power Analysis Attacks

Power side-channel attacks have been shown to be effective against recovering protected information from integrated circuits. Existing defense methods are expensive in area, power or both. Small-scale ICs used in embedded systems and IoT devices are expected to be safe and secure, and yet cannot afford the area and power overheads of the sophisticated defense methods. This paper presents a design methodology for finite state controllers (FSMs) to defend against power analysis attacks while ensuring low power overhead. Further, a desired level of security can be achieved while minimizing power consumption. We formulate a set of constraints on state encoding based on security and power metrics. We express these constraints as a Boolean satisfiability (SAT) problem and use a SAT solver to generate constraint satisfying encodings. Experimental results using over 100 FSMs from BenGen and MCNC benchmark suites show a graded increase in encoding length (up to 40% for original FSMs and 40-70% for restructured FSMs) depending on the security level chosen. Trade-off between security and power is demonstrated as the mutual information between power side-channel and the Hamming attack models can vary between 0 and 2, depending on the level of security desired. An average power reduction of up to 40% is observed in power-constrained FSMs with respect to restructured FSMs and 4-20% reduction with respect to minimal encoding strategy.