Design and Implementation of a Secure RISC-V Microprocessor

Abstract

The authors detail the design of a secure, bit-serial RISC-V microprocessor that mitigates side-channel attacks using automated, ubiquitous Boolean masking, ensuring all data remains protected without resorting to manual software countermeasures. This approach incorporates additional security components like a clock randomizer and memory protection, significantly enhancing hardware resilience. Evaluated in 65 nm CMOS, the secure core withstood 20 million attack traces, dramatically exceeding the security of the unprotected baseline which was compromised in 375 traces.

Report

Structured Report: Design and Implementation of a Secure RISC-V Microprocessor

Key Highlights

• Hardware-Based Security: The core innovation is a bit-serial RISC-V microprocessor where all data values are protected using Boolean masking, ensuring the CPU never holds plain-text data.
• Side-Channel Attack Resistance: The secure implementation demonstrated extreme resilience, withstanding side-channel attacks using 20 million (20 M) traces, compared to just 375 traces required to extract keys from the baseline (unprotected) version.
• Automation and Scalability: The Boolean masking methodology is fully automated, making it applicable to RISC-V designs of arbitrary size and complexity, unlike traditional manual counter-measures.
• Software Overhead Reduction: The robust hardware protection minimizes the need for complex, performance-heavy software countermeasures, leading to reduced code size and lower performance overheads for sensitive operations.
• Integrated Components: The design includes a full suite of security features, including memory protection, a clock randomizer, and an integrated Random Number Generator (RNG) that successfully passed all NIST tests.

Technical Details

• Architecture: Bit-serial RISC-V microprocessor.
• Primary Countermeasure: Boolean masking, applied universally to all register and memory values, guaranteeing no sensitive plain-text data is exposed during execution.
• Physical Implementation: Fabricated and evaluated using 65 nm CMOS technology.
• Validation Metrics: Security was evaluated using rigorous side-channel analysis (measuring resistance to key extraction) and NIST tests (for RNG quality).
• System Components: Included a clock randomizer (to complicate timing attacks) and dedicated memory protection schemes.

Implications

• Elevating RISC-V Security: This work significantly enhances the suitability of RISC-V for high-security, sensitive applications (e.g., IoT edge computing, hardware security modules, automotive systems) by providing a proven, deep hardware root of trust against physical attacks.
• Paradigm Shift in Countermeasures: By automating the masking process and integrating it deeply into the hardware architecture, the methodology moves the responsibility for fundamental side-channel protection away from error-prone and performance-costly software layers.
• Accelerating Secure Design: The automated nature of the protection mechanism lowers the barrier for designing secure chips, allowing quicker deployment of complex, secure hardware implementations without extensive manual security hardening efforts.
• Setting a New Standard: The dramatic increase in trace resistance (from 375 traces to 20 million) establishes a high benchmark for future microprocessor security designs targeting physical security.