The down scaling of semiconductor technology throughout the past decades has led to the emergence of non-negligible leakage currents in Integrated Circuits (ICs). These currents cause an undesired power consumption in computing hardware even in the absence of computation, for example during idle or standby times. Worse yet, leakage currents act as a side channel and reveal sensitive information to adversaries who have physical access to security devices and wish to extract internally processed secrets. Previous works have shown that it is indeed possible to exploit this side channel for key recovery attacks against cryptographic hardware manufactured in nanometer CMOS technologies. In this work we report the results of a long-term study on the subject spanning over multiple years and involving a sizable amount of resources and engineering effort. In particular, we designed, taped-out and analyzed custom ICs in four different nanometer CMOS technologies, namely 90nm, 65nm, 40nm and 28nm, and bechmarked the vulnerability of identical AES co-processors on the four chips to static power attacks. Our results show clearly that the susceptibility of the AES implementations depends directly on the feature size of the underlying IC technology, with attacks on the 28nm node being most powerful. These results show an evolution of the static power side channel which is undesirable at best, highly dangerous at worst for designers of security critical hardware in modern technology generations. Hence, we argue that leakage currents cannot be neglected anymore when certifying the security of embedded devices against physical adversaries.
Thorben Moos received the B.Sc. and M.Sc. degrees in IT security from Ruhr-Universität Bochum in Germany, in 2014 and 2016, respectively. In 2021 he obtained his PhD degree in Electrical Engineering and Information Technology with greatest honors (summa cum laude) from Ruhr-Universität Bochum. Since then he is a postdoctoral researcher at Université catholique de Louvain (UCLouvain), in Louvain-la-Neuve, Belgium. He authored more than 20 peer-reviewed articles in high-ranking international journals and conferences including IEEE S&P, EUROCRYPT and TCHES (including a best paper award in 2019). His research interests include symmetric cryptography and physical security of embedded devices with specialization in nanoscale side-channel analysis and secure ASIC implementation.