Project Proposed: This project, developing a common free testbed, called TeSCASE, for side-channel analysis and security evaluation of cryptosystems, targets research and development in hardware security. The instrument under development, consisting of two platforms for hardware and software, fulfills the following objectives: - Holistic testbed: For side-channel leakage acquisition, TeSCASE provides both hardware measurement setup on real systems and a set of tools and methodologies for evaluating system specifications at different levels. (Most existing tools target hardware and not the design.) - Comprehensive attack library: The development includes various attacks (power analysis, timing-based, electro-magnetic emanation, and fault analysis) to evaluate the vulnerability/resilience of a target system. - General compatibility: TeSCASE includes measuring interfaces for different devices and consequently can be adapted in diverse application domains. - Open source: Facilitating research proliferation, the instrument results will be made open to the public. Analyzing side-channel information and exploiting it in side-channel attacks is expected to contribute in the understanding of the design, implementation, and new countermeasures. The work facilitates research on developing provable (side-channel analysis) SCA-resilient cryptographic systems that could lead to discoveries and inventions in multiple aspects of hardware security, fundamental side-channel analysis modeling, effective countermeasures, leakage-resilient cryptography, and fields products in security evaluation. This work develops an open holistic testbed for analyzing a system?s side-channel leakage and hardware security. While the testbed hardware platform services various side-channel leakage acquisitions, the software platform controls the hardware interface, simulates designs at different levels, estimates side-channel leakage, analyzes the leaked information, and evaluates hardware security with multiple metrics. The side channel analysis library provides a suite of known side-channel attacks and countermeasures. Broader Impacts: This development project could lead to the formulation of test metrics and evaluation standards. TeSCASE can be incorporated into the design process opening opportunities for exploring security countermeasures early in the design process. In addition to the contribution in research, the instrument might aid the semiconductor business and the government. On the educational side, a new graduate level course and an undergraduate-level lab should raise awareness of the need for security in the design and implementation of computing systems, consequently enabling the training of students with adequate hardware security knowledge and skills. TrustHub and cybersecurity competitions will help to disseminate the results. TeSCASE will be evaluated with selected applications on realistic devices and systems. Furthermore, the project seeks women and minority groups.
