Open Hardware, Hidden Risks: Mitigating passive power side-channel leakage in RISC-V microcontrollers

Today's digital infrastructure is based on secure telecommunications which is crucial in all kinds of applications, from electronic payments and transaction to smart homes. In such a context, data security and confidentiality are fundamental requirements. Encryption algorithms ensure these objectives by transforming sensitive data into unintelligible information, decipherable only with the correct secret key. While these algorithms are mathematically secure, their hardware implementations remain vulnerable to side-channel attacks (SCAs), which exploit physical leakages such as timing or power consumption rather than algorithmic weaknesses. Correlations between power traces and the internal state of a device can reveal secret information, undermining cryptographic protections. This thesis investigates the vulnerability of standard encryption schemes to SCAs, with a focus on resource-constrained embedded systems based on the royalty-free RISC-V architecture. A RISC-V microcontroller was ported to the ChipWhisperer platform, an open-source suite for hardware security evaluation, to experimentally assess leakage. The study targets two algorithms: the Advanced Encryption Standard (AES) and ASCON, a lightweight cipher explicitly designed for constrained devices with resistance against physical attacks in mind. To deepen the analysis, the impact of substitution box (S-Box) design on side-channel resistance was examined. The original S-Boxes of AES and ASCON were compared with modified versions that enhance resistance to SCAs at the expense of certain mathematical properties, revealing a fundamental trade-off between resistance to classical cryptanalysis and physical attack resilience. The effectiveness of these design choices was validated through experimental evaluation on the RISC-V microcontroller.