Side-channel attacks (SCAs) have become a significant threat nowadays to cryptographic devices, especially central processing units (CPUs). Based on the implementation of AES-128, the side-channel information leakage analysis is carried out in a 32-bit CPU microarchitecture in this work. Correlation power analysis (CPA) results show that it is obvious to reveal the secret key by using only 30 power traces based on the net-list simulation. Three flexibly configurable hardware-based countermeasures are proposed to prevent information leakage in the arithmetic and logic unit (ALU), register file (RF) and load/store unit (LSU), respectively, which are the most sensitive components according to our analysis. The proposed countermeasures have different protection effects on the CPU since the required trace number to reveal the secret key has increased from 30 to 100∼120,000. Moreover, the anti-attack capability of the CPU is improved by 4000 times using the three countermeasures simultaneously. The proposed countermeasures can be freely combined while considering the CPU security and implementation overhead. In practice, the anti-attack capability of the CPU can be further improved when the proposed countermeasures are implemented in real-world measurements, because additional noise will be introduced during the measurements.

如今，旁道攻击 (SCA) 已成为加密设备，尤其是中央处理单元 (CPU) 的重大威胁。本文基于AES-128的实现，在32位CPU微架构中进行了侧信道信息泄漏分析。相关功率分析（CPA）结果表明，基于网表模拟，仅使用 30 条功率迹线就可以明显地泄露密钥。提出了三种可灵活配置的基于硬件的对策，以防止算术和逻辑单元 (ALU)、寄存器文件 (RF) 和加载/存储单元 (LSU) 中的信息泄漏，根据我们的分析，它们是最敏感的组件。所提出的对策对 CPU 具有不同的保护效果，因为揭示密钥所需的跟踪数已从 30 增加到 100~120,000。而且，同时使用三种对策，CPU的抗攻击能力提高了4000倍。在考虑 CPU 安全性和实现开销的同时，建议的对策可以自由组合。在实践中，当在实际测量中实施所提出的对策时，可以进一步提高 CPU 的抗攻击能力，因为在测量过程中会引入额外的噪声。在考虑 CPU 安全性和实现开销的同时，建议的对策可以自由组合。在实践中，当在实际测量中实施所提出的对策时，可以进一步提高 CPU 的抗攻击能力，因为在测量过程中会引入额外的噪声。在考虑 CPU 安全性和实现开销的同时，建议的对策可以自由组合。在实践中，当在实际测量中实施所提出的对策时，可以进一步提高 CPU 的抗攻击能力，因为在测量过程中会引入额外的噪声。