User menu

Accès à distance ? S'identifier sur le proxy UCLouvain

Towards Easy Leakage Certification

Primary tabs

download
  • Open access
  • PDF
  • 2.74 M
Durvaux, François [UCL] Standaert, François-Xavier [UCL] Merino Del Pozo, Santos [UCL]

Side-channel attacks generally rely on the availability of good leakage models to extract sensitive information from cryptographic implementations. The recently introduced leakage certification tests aim to guarantee that this condition is fulfilled based on sound statistical arguments. They are important ingredients in the evaluation of leaking devices since they allow a good separation between engineering challenges (how to produce clean measurements) and cryptographic ones (how to exploit these measurements). In this paper, we propose an alternative leakage certification test that is significantly simpler to implement than the previous proposal from Eurocrypt 2014. This gain admittedly comes at the cost of a couple of heuristic (yet reasonable) assumptions on the leakage distribution. To confirm its relevance, we first show that it allows confirming previous results of leakage certification. We then put forward that it leads to additional and useful intuitions regarding the information losses caused by incorrect assumptions in leakage modeling.

Document type Article de périodique (Journal article) – Article de recherche
Access type Accès libre
Publication date 2017
Language Anglais
Journal information "Journal of Cryptographic Engineering" - Vol. 7, no.2, p. 12-147 (17/05/2017)
Peer reviewed yes
Publisher Springer ((Germany) Heidelberg)
issn 2190-8508
e-issn 2190-8516
Publication status Publié
Affiliation UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique
Keywords Side-channel analysis ; Security evaluations
Links
  1. http://perso.uclouvain.be/fstandae/PUBLIS/171.zip
  2. http://satoh.cs.uec.ac.jp/sakura/index.html
  3. Batina Lejla, Gierlichs Benedikt, Prouff Emmanuel, Rivain Matthieu, Standaert François-Xavier, Veyrat-Charvillon Nicolas, Mutual Information Analysis: a Comprehensive Study, 10.1007/s00145-010-9084-8
  4. Brier Eric, Clavier Christophe, Olivier Francis, Correlation Power Analysis with a Leakage Model, Lecture Notes in Computer Science (2004) ISBN:9783540226666 p.16-29, 10.1007/978-3-540-28632-5_2
  5. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Burton S.K. Jr., Koç, Ç.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems - CHES 2002, 4th International Workshop, Redwood Shores, CA, USA, August 13–15, 2002, Revised Papers. Lecture Notes in Computer Science, vol. 2523, pp. 13–28. Springer (2002)
  6. Dabosville Guillaume, Doget Julien, Prouff Emmanuel, A New Second-Order Side Channel Attack Based on Linear Regression, 10.1109/tc.2012.112
  7. Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete—or how to evaluate the security of any leaking device. In: Oswald, E., Fischlin, M. (eds.) Proceedings of Advances in Cryptology—EUROCRYPT 2015—34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26–30, 2015, Part I. Lecture Notes in Computer Science, vol. 9056, pp. 401–429. Springer (2015)
  8. Durvaux François, Standaert François-Xavier, From Improved Leakage Detection to the Detection of Points of Interests in Leakage Traces, Advances in Cryptology – EUROCRYPT 2016 (2016) ISBN:9783662498897 p.240-262, 10.1007/978-3-662-49890-3_10
  9. Durvaux François, Standaert François-Xavier, Veyrat-Charvillon Nicolas, How to Certify the Leakage of a Chip?, Advances in Cryptology – EUROCRYPT 2014 (2014) ISBN:9783642552199 p.459-476, 10.1007/978-3-642-55220-5_26
  10. Dziembowski Stefan, Pietrzak Krzysztof, Leakage-Resilient Cryptography, 10.1109/focs.2008.56
  11. Gilbert Goodwill, B.J., Jaffe, J., Rohatgi, P.: A testing methodology for side channel resistance validation. In: NIST Non-invasive Attack Testing Workshop, 2011. http://csrc.nist.gov/news_events/non-invasive-attack-testing-workshop/papers/08_Goodwill.pdf
  12. Grosso, V., Standaert, F.-X., Prouff, E.: Low entropy masking schemes, revisited. In: Francillon, A., Rohatgi, P. (eds.) Smart Card Research and Advanced Applications—12th International Conference, CARDIS 2013, Berlin, Germany, November 27–29, 2013. Revised Selected Papers. Lecture Notes in Computer Science, vol. 8419, pp. 33–43. Springer (2013)
  13. Heuser, A., Rioul, O., Guilley, S.: Good is not good enough—deriving optimal distinguishers from communication theory. In: Batina, L., Robshaw, M. (eds.) Proceedings of Cryptographic Hardware and Embedded Systems—CHES 2014—16th International Workshop, Busan, South Korea, September 23–26, 2014. Lecture Notes in Computer Science, vol. 8731 , pp. 55–74. Springer (2014)
  14. Lemke-Rust Kerstin, Paar Christof, Analyzing Side Channel Leakage of Masked Implementations with Stochastic Methods, Computer Security – ESORICS 2007 ISBN:9783540748342 p.454-468, 10.1007/978-3-540-74835-9_30
  15. Mangard S., Oswald E., Standaert F.-X., One for all – all for one: unifying standard differential power analysis attacks, 10.1049/iet-ifs.2010.0096
  16. Mather, L., Oswald, E., Bandenburg, J., Wójcik, M.: Does my device leak information? an a priori statistical power analysis of leakage detection tests. In: Sako, K., Sarkar, P. (eds.) Advances in Cryptology—ASIACRYPT 2013—19th International Conference on the Theory and Application of Cryptology and Information Security, Bengaluru, India, December 1–5, 2013, Proceedings, Part I. Lecture Notes in Computer Science, vol. 8269, pp. 486–505. Springer (2013)
  17. Mather Luke, Oswald Elisabeth, Whitnall Carolyn, Multi-target DPA Attacks: Pushing DPA Beyond the Limits of a Desktop Computer, Lecture Notes in Computer Science (2014) ISBN:9783662456101 p.243-261, 10.1007/978-3-662-45611-8_13
  18. Moradi, A., Standaert, F.-X.: Moments-correlating DPA. IACR Cryptol ePrint Arch. 2014, 409 (2014)
  19. Poschmann Axel, Moradi Amir, Khoo Khoongming, Lim Chu-Wee, Wang Huaxiong, Ling San, Side-Channel Resistant Crypto for Less than 2,300 GE, 10.1007/s00145-010-9086-6
  20. Prouff E., Rivain M., Bevan R., Statistical Analysis of Second Order Differential Power Analysis, 10.1109/tc.2009.15
  21. Renauld Mathieu, Standaert François-Xavier, Veyrat-Charvillon Nicolas, Kamel Dina, Flandre Denis, A Formal Study of Power Variability Issues and Side-Channel Attacks for Nanoscale Devices, Advances in Cryptology – EUROCRYPT 2011 (2011) ISBN:9783642204647 p.109-128, 10.1007/978-3-642-20465-4_8
  22. Schindler Werner, Lemke Kerstin, Paar Christof, A Stochastic Model for Differential Side Channel Cryptanalysis, Cryptographic Hardware and Embedded Systems – CHES 2005 (2005) ISBN:9783540284741 p.30-46, 10.1007/11545262_3
  23. Schneider, T., Moradi, A.: Leakage assessment methodology—a clear roadmap for side-channel evaluations. In: Güneysu, T., Handschuh, H. (eds.) Proceedings of Cryptographic Hardware and Embedded Systems—CHES 2015—17th International Workshop, Saint-Malo, France, September 13–16, 2015. Lecture Notes in Computer Science, vol. 9293, pp. 495–513. Springer (2015)
  24. Schneider, T., Moradi, A., Standaert, F.-X., Güneysu, T.: Bridging the gap: advanced tools for side-channel leakage estimation beyond gaussian templates and histograms. IACR Cryptol. ePrint Arch. 2016, 719 (2016)
  25. Spanos Aris, Probability Theory and Statistical Inference : Econometric Modeling with Observational Data, ISBN:9780511754081, 10.1017/cbo9780511754081
  26. Standaert François-Xavier, Malkin Tal G., Yung Moti, A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks, Advances in Cryptology - EUROCRYPT 2009 (2009) ISBN:9783642010002 p.443-461, 10.1007/978-3-642-01001-9_26
  27. Standaert O.-X., Peeters E., Rouvroy G., Quisquater J.-J., An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays, 10.1109/jproc.2005.862437
  28. Standaert François-Xavier, Veyrat-Charvillon Nicolas, Oswald Elisabeth, Gierlichs Benedikt, Medwed Marcel, Kasper Markus, Mangard Stefan, The World Is Not Enough: Another Look on Second-Order DPA, Advances in Cryptology - ASIACRYPT 2010 (2010) ISBN:9783642173721 p.112-129, 10.1007/978-3-642-17373-8_7
  29. Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: Knudsen, L.R., Wu, H. (eds.) Selected Areas in Cryptography, 19th International Conference, SAC 2012, Windsor, ON, Canada, August 15–16, 2012, Revised Selected Papers. Lecture Notes in Computer Science, vol. 7707, pp. 390–406. Springer (2012)
  30. Veyrat-Charvillon Nicolas, Gérard Benoît, Standaert François-Xavier, Security Evaluations beyond Computing Power, Advances in Cryptology – EUROCRYPT 2013 (2013) ISBN:9783642383472 p.126-141, 10.1007/978-3-642-38348-9_8
  31. Whitnall Carolyn, Oswald Elisabeth, A fair evaluation framework for comparing side-channel distinguishers, 10.1007/s13389-011-0011-1
Bibliographic reference Durvaux, François ; Standaert, François-Xavier ; Merino Del Pozo, Santos. Towards Easy Leakage Certification. In: Journal of Cryptographic Engineering, Vol. 7, no.2, p. 12-147 (17/05/2017)
Permanent URL http://hdl.handle.net/2078.1/187223