EP-4736042-A1 - ELECTRONIC SYSTEM COMPRISING AT LEAST ONE INTEGRATED SENSOR FOR MONITORING SIDE CHANNEL EMISSIONS OF A SECURE PROCESSOR

Abstract

The present invention relates to an electronic system (1) comprising a secure processor (102) and an integrated sensor (101) configured for monitoring side channel emissions of said secure processor, wherein: - the integrated sensor is electrically disconnected from the secure processor, - said secure processor is configured for performing a processing operation generating a specific side channel emission called trigger side channel emission, - said integrated sensor is configured such that monitoring said trigger side channel emission causes the integrated sensor to switch to an operation mode depending on said trigger side channel emission.

Inventors

• LOUBET MOUNDI, PHILIPPE
• GRAVELLIER, Joseph
• TEGLIA, YANNICK

Assignees

• THALES DIS FRANCE SAS

Dates

Publication Date

20260506

Application Date

20240612

Claims (8)

1. 1. An electronic system (1 ) comprising a secure processor (102) and an integrated sensor (101 ) configured for monitoring side channel emissions of said secure processor, wherein: - the integrated sensor is electrically disconnected from the secure processor, - said secure processor is configured for performing a processing operation generating a specific side channel emission called trigger side channel emission, - said integrated sensor is configured such that monitoring said trigger side channel emission causes the integrated sensor to switch to an operation mode depending on said trigger side channel emission.
2. 2. The electronic system of claim 1 , comprising an untrusted processor (103), wherein the integrated sensor is configured for being protected against manipulations from the untrusted processor.
3. 3. The electronic system of claim 1 or 2, wherein causing the integrated sensor to switch to an operation mode depending on said trigger side channel emission comprises enabling the integrated sensor, disabling the integrated sensor or changing the sensitivity of the integrated sensor.
4. 4. The electronic system of claim 2 or 3, wherein the integrated sensor is connected to the untrusted processor in such a way as to allow data to be pushed only from said integrated sensor to said untrusted processor.
5. 5. The electronic system of claim 4, comprising further a register for storing output values of the integrated sensor accessible by said untrusted processor, and wherein the integrated sensor is configured for monitoring voltage fluctuations of the secure processor and for programming a voltage output value in said register.
6. 6. A method for secure operation of an integrated sensor (101 ) of an electronic system (1 ), configured for monitoring side channel emissions of a secure processor (102) of said electronic system and electrically disconnected from the secure processor comprising: - performing (S1 ), by said secure processor, a first processing operation generating first side channel emissions, - monitoring (S2), by said integrated sensor, said first side channel emissions, - performing (S3), by said secure processor, a second processing operation generating a trigger side channel emission, - monitoring (S4), by said integrated sensor, said trigger side channel emission and switching to an operation mode depending on said monitored trigger side channel emission.
7. 7. A method for secure operation of a plurality of integrated sensor (101 ) of an electronic system (1 ), each configured for monitoring side channel emissions of a secure processor (102) of said electronic system and electrically disconnected from the secure processor, comprising: - performing (S1 ), by said secure processor, a first processing operation generating first side channel emissions, - monitoring (S2), by each integrated sensor, said first side channel emissions, - performing (S3), by said secure processor, a second processing operation generating a trigger side channel emission, - monitoring (S4), by each integrated sensor, said trigger side channel emissions and switching to an operation mode depending on said trigger side channel emission.
8. 8. A computer program product directly loadable into the memory of at least one computer, comprising software code instructions for performing the steps of claim 6 or 7 when said product is run on the computer.

Description

ELECTRONIC SYSTEM COMPRISING AT LEAST ONE INTEGRATED SENSOR FOR MONITORING SIDE CHANNEL EMISSIONS OF A SECURE PROCESSOR FIELD OF THE INVENTION The present invention relates to the field of chip protection against side attacks, and more particularly to a processing device, and a corresponding method, comprising sensors monitoring its side channel emissions while preventing any use of such sensors by an attacker. BACKGROUND OF THE INVENTION Sensitive information, such as secret keys to be used in cryptographic algorithms are usually protected in order to prevent an access to it by an attacker, even when the attacker has full control of the device performing sensitive operations accessing such sensitive information. Nevertheless, algorithms performing these sensitive operations are subject to side-channel attacks (SCA), based on an analysis of traces from the device when performing the operation, such as power consumption or electromagnetic emissions. As an example, SCA may be used to retrieve at least of a part of a secret or private key when used in a cryptographic operation, for example as exponent of a modular exponentiation, or as a scalar used in the frame of an Elliptic curve cryptography (ECC) protocol, such as ECDSA. In order to protect a processor performing sensitive operations against side channel analysis, it may be useful to analyze the side channel emissions of such a processor when it performs sensitive operations, in order to reduce or jam such emissions by improving the processor design or by embedding countermeasures against SCA. Nevertheless, analyzing side channel emissions from outside a processor usually requires a sophisticated test-bed, which makes it both cumbersome and costly, and prevents large-scale analysis on multiple processors in parallel. In order to make easier side channel analysis, side channel emission sensors may be integrated in the processor or in its vicinity, in a SoC for example. Such a solution makes it much easier to collect side channel traces during operation of the processor. Nevertheless, a drawback of such a solution is that such integrated sensors remain in place after the product comprising the processor has been released. In addition, modem processors use integrated power and temperature sensors for various reasons such as efficiency, security and reliability control. As a result, an attacker may use these sensors for performing his own side channel attack on the processor: Software-based Hardware Attacks (SbHWA) is a recent class of such side-channel attack that doesn’t require any hardware as it uses sensors directly integrated in processors in order to eavesdrop the activity of victim applications. Such an attack does not require any laboratory equipment. Therefore, it makes remote hardware attacks possible. These attacks have been successfully conducted on various platforms such as SoC or FPGAs and demonstrate that it is possible to eavesdrop the power activity of an application using integrated sensor. [Joseph Gravellier, Jean- Max Dutertre, Yannick Teglia, and Philippe Loubet Moundi. 2021. Sideline: How Delay-Lines (May) Leak Secrets from Your SoC. In Constructive Side-Channel Analysis and Secure Design: 12th International Workshop, COSADE 2021 , Lugano, Switzerland, October 25-27, 2021 , Proceedings. Springer-Verlag, Berlin, Heidelberg, 3-30. htps://doi.org/10.1007/978-3-030-89915-8 1 ]. Such attacks can be particularly useful for side channel attacks requiring a lot of data, such as Deep Learning based side channel attacks. Indeed, they may run in background for months or years without the victim application detecting that it’s being spied on. In addition, such integrated sensors are usually electrically connected to the processor in order to enable the processor to control their operation. It adds a physical connection to the processor, which increases the attack surface of the processor and may be leveraged by an attacker to bypass protections embedded in the processor. Therefore, there is a need of a solution enabling to run side channel emission sensors in an electronic device for testing purposes, while preventing any further use of such sensors by an attacker for performing a side channel attack. SUMMARY OF THE INVENTION For this purpose and according to a first aspect, this invention therefore relates to an electronic system comprising a secure processor and an integrated sensor configured for monitoring side channel emissions of said secure processor, wherein: - the integrated sensor is electrically disconnected from the secure processor, - said secure processor is configured for performing a processing operation generating a specific side channel emission called trigger side channel emission, - said integrated sensor is configured such that monitoring said trigger side channel emission causes the integrated sensor to switch to an operation mode depending on said trigger side channel emission. Such an electronic system enables to make s