I read an interesting article recently on EDN regarding a new way to determine cryptographic keys using leakage power. Differential power has long been documented to be a method of cracking keys. In this paper, the author, Milena Jovanovic of the University of Montenegro demonstrated that leakage power can also be used to predict the key contents.
I can’t pretend to understand the techniques behind cryptography (my knowledge of security doesn’t go much beyond looking for the little lock icon on my browser), but this does point out the importance of accurate activity files for all power optimization, not just dynamic opt. Modern libraries have state dependent leakage tables, and the Cadence tools can perform power optimization and analysis based on the activity factors and leakage tables.
In order to effectively use this state dependent leakage, you need to have accurate data. When I talk to customers, this routinely come up as a major issue – test benches are not naturally built to generate accurate usage. Instead, test benches are built to test things – to see whether or not the design meets the requirements. One solution is to run real use cases, and capture the activity. In reality, this is difficult to do, particularly with any kind of embedded software application. Hardware accelerators can solve this problem, allowing users to run real software, and to zero in on activity areas of interest – I’ve blogged about Palladium DPA previously.
But clearly, you gotta take leakage much more seriously now. As if heat, package, and battery life concerns aren’t enough, you’ve now got to worry about security and some guy with an ammeter dissecting your algorithms!!