A Device-Centric Research of Power Side-Channel in FPGAs

As a widely used computing substrate, the side-channel security of FPGAs has attracted considerable attention, yet a systematic understanding of how FPGA device types contribute to exploitable leakage remains limited. This work presents a device-centric evaluation that maps an S-box-like function onto common FPGA primitives, including look-up table (LUT), flip-flop (FF), block RAM (BRAM), and distributed RAM (LUTRAM), and assesses Correlation Power Analysis (CPA) outcomes under the Hamming Weight (HW) and Hamming Distance (HD) power models. The results show pronounced leakage differences across device types: FF- and BRAM-based implementations exhibit substantially stronger leakage than LUT- and LUTRAM-based ones, and they frequently achieve GE=0 in our configurations, while the HD model is generally more effective than the HW model in the performed CPA evaluations. Notably, FF-, BRAM-, and LUTRAM-based implementations can already be breakable starting from one instance under the HD model in our device-level tests, indicating that exploitable leakage may manifest in real FPGA applications. These device-level observations are further validated on a practical cipher by analyzing two SM4 encryption modules that differ only in the S-box implementation style; the BRAM-based design shows significantly stronger leakage than the LUT-based design, achieving GE=2.58 versus GE=78.3 at 10,000 traces. This work highlights the critical role of device selection and implementation style in FPGA side-channel security, and it provides practical insights for designing secure FPGA applications against power side-channel analysis.