Effective Circuit Probing: A Step‐by‐Step Guide to Placement, Extension, and Removal - ChairImpSec/PROLEAD GitHub Wiki

Understanding Probes in Side-Channel Security Analysis

PROLEAD evaluates the probing security of masked circuits by mimicking an adversary's ability to extract sensitive information through abstract probes. In this context, a probe represents the potential information an adversary might gather by observing the circuit's execution. Each probe records the stable signal of the wire on which it is placed, capturing this signal during a specific clock cycle. An adversary, constrained by the order setting of PROLEAD, can place a limited number of probes on arbitrary wires and during chosen clock cycles. PROLEAD then performs a statistical test on a simulated set of joint observations gathered from the probes. This analysis determines whether the information captured by the adversary reveals any sensitive data processed within the circuit. Through these evaluations, PROLEAD helps designers identify and mitigate potential security weaknesses in masked circuits.

Adversary Generation

To enable a comprehensive security analysis, PROLEAD, by default, evaluates all possible probing adversaries capable of placing d probes. As an initial example, we show the default adversary generation for a masked circuit specified by the following netlist. The animation shows how PROLEAD iterates through all adversaries able to place 2 probes on arbitrary wires. Note that probes cannot be placed directly on primary inputs, because we assume that shared inputs are uniformly distributed.

module dom_indep_d1 (clk, a, b, c, r);
  input clk;
  input [1:0] a;
  input [1:0] b;
  input [0:0] r;
  output [1:0] c;

  wire i0, i1, i2, i3, j0, j1, l0, l1; 
  AND2_X1 U0 (.A1(a[0]), .A2(b[0]), .ZN(i0));
  AND2_X1 U1 (.A1(a[0]), .A2(b[1]), .ZN(i1));
  AND2_X1 U2 (.A1(a[1]), .A2(b[0]), .ZN(i2));
  AND2_X1 U3 (.A1(a[1]), .A2(b[1]), .ZN(i3));
  XOR2_X1 U4 (.A(i1), .B(r), .Z(j0));
  XOR2_X1 U5 (.A(i2), .B(r), .Z(j1));
  DFF_X1 U6 (.D(j0), .CK(clk), .Q(l0));    
  DFF_X1 U7 (.D(j1), .CK(clk), .Q(l1));    
  XOR2_X1 U8 (.A(i0), .B(l0), .Z(c[0]));
  XOR2_X1 U9 (.A(i3), .B(l1), .Z(c[1]));
endmodule

[Animation: Default Adversary Generation]

Physical Defaults

By default, PROLEAD applies a glitch-extension procedure to each probe, simulating the impact of glitches on adversarial observations. Through this process, each probe is replaced by a set of glitch-extended probes on all wires that contribute to the probed signal via combinational logic. Additionally, the transitional_leakage setting enables the simulation of the leakage caused by signal transitions: each probe is substituted with two probes that record data over two consecutive clock cycles, thereby capturing the effect of these transitions on adversarial observations. The following animation shows the glitch-extension procedure applied by PROLEAD to a selected adversary.

[Animation: Glitch-Extension Procedure]
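
The adversary enumeration and glitch extension described above can be reproduced on the dom_indep_d1 netlist with a short script. This is an added illustration, not PROLEAD's code: the function names are hypothetical, a single clock cycle is considered, and tracing is assumed to stop at register outputs and primary inputs as the stable signals.

```python
import re
from itertools import combinations

# Gate instances of dom_indep_d1, copied from the netlist above.
NETLIST = """
AND2_X1 U0 (.A1(a[0]), .A2(b[0]), .ZN(i0));
AND2_X1 U1 (.A1(a[0]), .A2(b[1]), .ZN(i1));
AND2_X1 U2 (.A1(a[1]), .A2(b[0]), .ZN(i2));
AND2_X1 U3 (.A1(a[1]), .A2(b[1]), .ZN(i3));
XOR2_X1 U4 (.A(i1), .B(r), .Z(j0));
XOR2_X1 U5 (.A(i2), .B(r), .Z(j1));
DFF_X1 U6 (.D(j0), .CK(clk), .Q(l0));
DFF_X1 U7 (.D(j1), .CK(clk), .Q(l1));
XOR2_X1 U8 (.A(i0), .B(l0), .Z(c[0]));
XOR2_X1 U9 (.A(i3), .B(l1), .Z(c[1]));
"""
OUTPUT_PINS = {"ZN", "Z", "Q"}  # output pin names of the cells used here

def parse(netlist):
    """Map each driven wire to (cell type, list of data-input wires)."""
    drivers = {}
    for cell, pins in re.findall(r"(\w+)\s+\w+\s*\((.*)\);", netlist):
        conns = dict(re.findall(r"\.(\w+)\(([^)]+)\)", pins))
        out = next(w for p, w in conns.items() if p in OUTPUT_PINS)
        ins = [w for p, w in conns.items() if p not in OUTPUT_PINS | {"CK"}]
        drivers[out] = (cell, ins)
    return drivers

def adversaries(drivers, order):
    """Every set of `order` probes on gate outputs (primary inputs excluded)."""
    return list(combinations(sorted(drivers), order))

def glitch_extend(wire, drivers):
    """Stable signals a glitch-extended probe on `wire` is replaced by."""
    cell, ins = drivers.get(wire, (None, []))
    if cell is None or cell.startswith("DFF"):
        return {wire}  # primary input or register output: tracing stops
    return set().union(*(glitch_extend(w, drivers) for w in ins))

def observed(adversary, drivers):
    """Joint observation: union of the extended probes of one adversary."""
    return set().union(*(glitch_extend(w, drivers) for w in adversary))

if __name__ == "__main__":
    d = parse(NETLIST)
    print(len(adversaries(d, 2)), "adversaries of order 2")
    for wire in sorted(d):
        print(f"{wire:5s} -> {sorted(glitch_extend(wire, d))}")
```

The output shows why glitch extension matters for the statistical test: a single probe on c[0] yields the joint observation of a[0], b[0] and the register output l0 rather than one stable value.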
