User menu

Accès à distance ? S'identifier sur le proxy UCLouvain

Towards Fair and Efficient Evaluations of Leaking Cryptographic Devices - Overview of the ERC Project CRASH, Part I -

Primary tabs

download
  • Open access
  • PDF
  • 205.30 K
Standaert, François-Xavier [UCL]

Side-channel analysis is an important concern for the security of cryptographic implementations, and may lead to powerful key recovery attacks if no countermeasures are deployed. Therefore, various types of protection mechanisms have been proposed over the last 20 years. In view of the cost and performance overheads caused by these protections, their fair evaluation is a primary concern for hardware and software designers. Yet, the physical nature of side-channel analysis also renders the security evaluation of cryptographic implementations very different than the one of cryptographic algorithms against mathematical cryptanalysis. That is, while the latter can be quantified based on (well-defined) time, data and memory complexities, the evaluation of side-channel analysis additionally requires to quantify the informativeness and exploitability of the physical leakages. This implies that a part of these security evaluations is inherently heuristic and dependent on engineering expertise. The development of sound tools allowing designers and evaluation laboratories to deal with this challenge was one of the main objectives of the CRASH project funded by the European Research Council. In this talk, I will survey a number of results we obtained in this direction, starting with concrete evaluation methodologies that are well-adapted to the investigation of current embedded devices, and following with emerging trends for future implementations. Quite naturally, a large number of researchers and teams have worked on similar directions. For each of the topics discussed, I will add a couple of references to publications that I found inspiring/relevant. The list is (obviously) incomplete and only reflects my personal interests. I apologize in advance for omissions.

Document type Communication à un colloque (Conference Paper) – Conférence invitée / Keynote
Access type Accès libre
Publication date 2016
Language Anglais
Conference "6th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE 2016)", Hyderabad (India) (du 14/12/2016 au 18/12/2016)
Peer reviewed yes
Host document Claude Carlet, M. Anwar Hasan, Vishal Saraswat ; "Proceedings of the 6th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE 2016)"- p. 353-362 (ISBN : 978-3-319-49444-9)
Collection Lecture Notes in Computer Science - 10076
Publisher Springer
Publication status Publié
Affiliation UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique
Links
  1. Archambeau C., Peeters E., Standaert F. -X., Quisquater J. -J., Template Attacks in Principal Subspaces, Lecture Notes in Computer Science (2006) ISBN:9783540465591 p.1-14, 10.1007/11894063_1
  2. Balasch Josep, Gierlichs Benedikt, Reparaz Oscar, Verbauwhede Ingrid, DPA, Bitslicing and Masking at 1 GHz, Lecture Notes in Computer Science (2015) ISBN:9783662483237 p.599-619, 10.1007/978-3-662-48324-4_30
  3. Batina Lejla, Gierlichs Benedikt, Prouff Emmanuel, Rivain Matthieu, Standaert François-Xavier, Veyrat-Charvillon Nicolas, Mutual Information Analysis: a Comprehensive Study, 10.1007/s00145-010-9084-8
  4. Batina, L., Robshaw, M. (eds.): CHES 2014. LNCS, vol. 8731. Springer, Heidelberg (2014)
  5. Battistello Alberto, Coron Jean-Sébastien, Prouff Emmanuel, Zeitoun Rina, Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme, Lecture Notes in Computer Science (2016) ISBN:9783662531396 p.23-39, 10.1007/978-3-662-53140-2_2
  6. Bernstein, D.J., Lange, T., van Vredendaal, C.: Tighter, faster, simpler side-channel security evaluations beyond computing power. IACR Cryptology ePrint Archive 2015:221 (2015)
  7. Bogdanov Andrey, Kizhvatov Ilya, Beyond the Limits of DPA: Combined Side-Channel Collision Attacks, 10.1109/tc.2011.140
  8. Bruneau, N., Guilley, S., Heuser, A., Marion, D., Rioul, O.: Less is more - dimensionality reduction from a theoretical perspective. In: Güneysu, T., Handschuh, H. (eds.) [28], pp. 22–41
  9. Bruneau Nicolas, Guilley Sylvain, Heuser Annelie, Rioul Olivier, Masks Will Fall Off, Lecture Notes in Computer Science (2014) ISBN:9783662456071 p.344-365, 10.1007/978-3-662-45608-8_19
  10. Cagli Eleonora, Dumas Cécile, Prouff Emmanuel, Enhancing Dimensionality Reduction Methods for Side-Channel Attacks, Smart Card Research and Advanced Applications (2016) ISBN:9783319312705 p.15-33, 10.1007/978-3-319-31271-2_2
  11. Choudary Omar, Kuhn Markus G., Efficient Template Attacks, Smart Card Research and Advanced Applications (2014) ISBN:9783319083018 p.253-270, 10.1007/978-3-319-08302-5_17
  12. Choudary Omar, Kuhn Markus G., Template Attacks on Different Devices, Constructive Side-Channel Analysis and Secure Design (2014) ISBN:9783319101743 p.179-198, 10.1007/978-3-319-10175-0_13
  13. Adam Ding, A., Zhang, L., Fei, Y., Luo, P.: A statistical model for higher order DPA on masked devices. In: Batina, L., Robshaw, M. (eds.) [4], pp. 147–169
  14. Doget Julien, Prouff Emmanuel, Rivain Matthieu, Standaert François-Xavier, Univariate side channel attacks and leakage modeling, 10.1007/s13389-011-0010-2
  15. Duc, A., Dziembowski, S., Faust, S., Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) [43], pp. 423–440
  16. Duc Alexandre, Faust Sebastian, Standaert François-Xavier, Making Masking Security Proofs Concrete, Advances in Cryptology -- EUROCRYPT 2015 (2015) ISBN:9783662467992 p.401-429, 10.1007/978-3-662-46800-5_16
  17. Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete or how to evaluate the security of any leaking device (extended version). IACR Cryptology ePrint Archive 2015:119 (2015)
  18. Durvaux François, Renauld Mathieu, Standaert François-Xavier, van Oldeneel tot Oldenzeel Loic, Veyrat-Charvillon Nicolas, Efficient Removal of Random Delays from Embedded Software Implementations Using Hidden Markov Models, Smart Card Research and Advanced Applications (2013) ISBN:9783642372872 p.123-140, 10.1007/978-3-642-37288-9_9
  19. Durvaux François, Standaert François-Xavier, From Improved Leakage Detection to the Detection of Points of Interests in Leakage Traces, Advances in Cryptology – EUROCRYPT 2016 (2016) ISBN:9783662498897 p.240-262, 10.1007/978-3-662-49890-3_10
  20. Durvaux François, Standaert François-Xavier, Del Pozo Santos Merino, Towards Easy Leakage Certification, Lecture Notes in Computer Science (2016) ISBN:9783662531396 p.40-60, 10.1007/978-3-662-53140-2_3
  21. Durvaux François, Standaert François-Xavier, Veyrat-Charvillon Nicolas, How to Certify the Leakage of a Chip?, Advances in Cryptology – EUROCRYPT 2014 (2014) ISBN:9783642552199 p.459-476, 10.1007/978-3-642-55220-5_26
  22. Durvaux François, Standaert François-Xavier, Veyrat-Charvillon Nicolas, Mairy Jean-Baptiste, Deville Yves, Efficient Selection of Time Samples for Higher-Order DPA with Projection Pursuits, Constructive Side-Channel Analysis and Secure Design (2015) ISBN:9783319214757 p.34-50, 10.1007/978-3-319-21476-4_3
  23. Elaabid M. Abdelaziz, Guilley Sylvain, Portability of templates, 10.1007/s13389-012-0030-6
  24. Gérard Benoît, Standaert François-Xavier, Unified and optimized linear collision attacks and their application in a non-profiled setting: extended version, 10.1007/s13389-013-0051-9
  25. Gierlichs, B., Poschmann, A.Y. (eds.): CHES 2016. LNCS, vol. 9813. Springer, Heidelberg (2016)
  26. Glowacz Cezary, Grosso Vincent, Poussier Romain, Schüth Joachim, Standaert François-Xavier, Simpler and More Efficient Rank Estimation for Side-Channel Security Assessment, Fast Software Encryption (2015) ISBN:9783662481158 p.117-129, 10.1007/978-3-662-48116-5_6
  27. Grosso, V., Standaert, F.-X.: ASCA, SASCA and DPA with enumeration: which one beats the other and when? In: Iwata, T., Cheon, J.H. (eds.) [32], pp. 291–312
  28. Güneysu, T., Handschuh, H. (eds.): CHES 2015. LNCS, vol. 9293. Springer, Heidelberg (2015)
  29. Heuser, A., Rioul, O., Guilley, S.: Good is not good enough - deriving optimal distinguishers from communication theory. In: Batina, L., Robshaw, M. (eds.) [4], pp. 55–74
  30. Homma, N., Medwed, M. (eds.): CARDIS 2015. LNCS, vol. 9514. Springer, Heidelberg (2016)
  31. Ishai Yuval, Sahai Amit, Wagner David, Private Circuits: Securing Hardware against Probing Attacks, Advances in Cryptology - CRYPTO 2003 (2003) ISBN:9783540406747 p.463-481, 10.1007/978-3-540-45146-4_27
  32. Iwata, T., Cheon, J.H. (eds.): ASIACRYPT 2015. LNCS, vol. 9453. Springer, Heidelberg (2015)
  33. Lomné Victor, Prouff Emmanuel, Rivain Matthieu, Roche Thomas, Thillard Adrian, How to Estimate the Success Rate of Higher-Order Side-Channel Attacks, Lecture Notes in Computer Science (2014) ISBN:9783662447086 p.35-54, 10.1007/978-3-662-44709-3_3
  34. Lomné Victor, Prouff Emmanuel, Roche Thomas, Behind the Scene of Side Channel Attacks, Advances in Cryptology - ASIACRYPT 2013 (2013) ISBN:9783642420320 p.506-525, 10.1007/978-3-642-42033-7_26
  35. Longo, J., De Mulder, E., Page, D., Tunstall, M.: SoC It to EM: electromagnetic side-channel attacks on a complex system-on-chip. In: Güneysu, T., Handschuh, H. (eds.) [28], pp. 620–640
  36. Mangard S., Oswald E., Standaert F.-X., One for all – all for one: unifying standard differential power analysis attacks, 10.1049/iet-ifs.2010.0096
  37. Martin Daniel P., O’Connell Jonathan F., Oswald Elisabeth, Stam Martijn, Counting Keys in Parallel After a Side Channel Attack, Advances in Cryptology – ASIACRYPT 2015 (2015) ISBN:9783662487990 p.313-337, 10.1007/978-3-662-48800-3_13
  38. Mather Luke, Oswald Elisabeth, Bandenburg Joe, Wójcik Marcin, Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests, Advances in Cryptology - ASIACRYPT 2013 (2013) ISBN:9783642420320 p.486-505, 10.1007/978-3-642-42033-7_25
  39. Mather, L., Oswald, E., Whitnall, C.: Multi-target DPA attacks: pushing DPA beyond the limits of a desktop computer. In: Sarkar, P., Iwata, T. (eds.) [56], pp. 243–261
  40. Moradi Amir, Statistical Tools Flavor Side-Channel Collision Attacks, Advances in Cryptology – EUROCRYPT 2012 (2012) ISBN:9783642290107 p.428-445, 10.1007/978-3-642-29011-4_26
  41. Moradi, A.: Side-channel leakage through static power - should we care about in practice? In: Batina, L., Robshaw, M. (eds.) [4], pp. 562–579
  42. Moradi Amir, Mischke Oliver, Eisenbarth Thomas, Correlation-Enhanced Power Analysis Collision Attack, Cryptographic Hardware and Embedded Systems, CHES 2010 (2010) ISBN:9783642150302 p.125-139, 10.1007/978-3-642-15031-9_9
  43. Nguyen, P.Q., Oswald, E. (eds.): EUROCRYPT 2014. LNCS, vol. 8441. Springer, Heidelberg (2014)
  44. Oren Yossef, Renauld Mathieu, Standaert François-Xavier, Wool Avishai, Algebraic Side-Channel Attacks Beyond the Hamming Weight Leakage Model, Cryptographic Hardware and Embedded Systems – CHES 2012 (2012) ISBN:9783642330261 p.140-154, 10.1007/978-3-642-33027-8_9
  45. Poussier Romain, Grosso Vincent, Standaert François-Xavier, Comparing Approaches to Rank Estimation for Side-Channel Security Evaluations, Smart Card Research and Advanced Applications (2016) ISBN:9783319312705 p.125-142, 10.1007/978-3-319-31271-2_8
  46. Poussier, R., Standaert, F.-X., Grosso, V., Simple key enumeration (and rank estimation) using histograms: an integrated approach. In: Gierlichs, B., Poschmann, A.Y. (eds.) [25], pp. 61–81
  47. Merino Del Pozo Santos, Standaert François-Xavier, Blind Source Separation from Single Measurements Using Singular Spectrum Analysis, Lecture Notes in Computer Science (2015) ISBN:9783662483237 p.42-59, 10.1007/978-3-662-48324-4_3
  48. Del Pozo, S.M., Standaert, F.X., Kamel, D., Moradi, A.: Side-channel attacks from static power: when should we care? In: Nebel, W., Atienza, D. (eds.) Proceedings of the 2015 Design, Automation & Test in Europe Conference & Exhibition, DATE 2015, Grenoble, France, 9–13 March 2015, pp. 145–150. ACM (2015)
  49. Prouff, E. (ed.): COSADE 2014. LNCS, vol. 8622. Springer, Heidelberg (2014)
  50. Prouff Emmanuel, Rivain Matthieu, Masking against Side-Channel Attacks: A Formal Security Proof, Advances in Cryptology – EUROCRYPT 2013 (2013) ISBN:9783642383472 p.142-159, 10.1007/978-3-642-38348-9_9
  51. Renauld Mathieu, Standaert François-Xavier, Algebraic Side-Channel Attacks, Information Security and Cryptology (2010) ISBN:9783642163418 p.393-410, 10.1007/978-3-642-16342-5_29
  52. Renauld Mathieu, Standaert François-Xavier, Veyrat-Charvillon Nicolas, Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA, Lecture Notes in Computer Science (2009) ISBN:9783642041372 p.97-111, 10.1007/978-3-642-04138-9_8
  53. Renauld Mathieu, Standaert François-Xavier, Veyrat-Charvillon Nicolas, Kamel Dina, Flandre Denis, A Formal Study of Power Variability Issues and Side-Channel Attacks for Nanoscale Devices, Advances in Cryptology – EUROCRYPT 2011 (2011) ISBN:9783642204647 p.109-128, 10.1007/978-3-642-20465-4_8
  54. Reparaz, O., Gierlichs, B., Verbauwhede, I.: Generic DPA attacks: curse or blessing? In: Prouff, E. (ed.) [49], pp. 98–111
  55. Sako, K., Sarkar, P. (eds.): ASIACRYPT 2013. LNCS, vol. 8269. Springer, Heidelberg (2013)
  56. Sarkar, P., Iwata, T. (eds.): ASIACRYPT 2014. LNCS, vol. 8873. Springer, Heidelberg (2014)
  57. Schneider Tobias, Moradi Amir, Leakage assessment methodology : Extended version, 10.1007/s13389-016-0120-y
  58. Standaert François-Xavier, Archambeau Cedric, Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages, Cryptographic Hardware and Embedded Systems – CHES 2008 ISBN:9783540850526 p.411-425, 10.1007/978-3-540-85053-3_26
  59. Standaert François-Xavier, Veyrat-Charvillon Nicolas, Oswald Elisabeth, Gierlichs Benedikt, Medwed Marcel, Kasper Markus, Mangard Stefan, The World Is Not Enough: Another Look on Second-Order DPA, Advances in Cryptology - ASIACRYPT 2010 (2010) ISBN:9783642173721 p.112-129, 10.1007/978-3-642-17373-8_7
  60. Veyrat-Charvillon Nicolas, Gérard Benoît, Renauld Mathieu, Standaert François-Xavier, An Optimal Key Enumeration Algorithm and Its Application to Side-Channel Attacks, Selected Areas in Cryptography (2013) ISBN:9783642359989 p.390-406, 10.1007/978-3-642-35999-6_25
  61. Veyrat-Charvillon Nicolas, Gérard Benoît, Standaert François-Xavier, Soft Analytical Side-Channel Attacks, Lecture Notes in Computer Science (2014) ISBN:9783662456101 p.282-296, 10.1007/978-3-662-45611-8_15
  62. Veyrat-Charvillon Nicolas, Medwed Marcel, Kerckhof Stéphanie, Standaert François-Xavier, Shuffling against Side-Channel Attacks: A Comprehensive Study with Cautionary Note, Advances in Cryptology – ASIACRYPT 2012 (2012) ISBN:9783642349607 p.740-757, 10.1007/978-3-642-34961-4_44
  63. Veyrat-Charvillon Nicolas, Standaert François-Xavier, Generic Side-Channel Distinguishers: Improvements and Limitations, Advances in Cryptology – CRYPTO 2011 (2011) ISBN:9783642227912 p.354-372, 10.1007/978-3-642-22792-9_20
  64. Wang Weijia, Yu Yu, Liu Junrong, Guo Zheng, Standaert François-Xavier, Gu Dawu, Xu Sen, Fu Rong, Evaluation and Improvement of Generic-Emulating DPA Attacks, Lecture Notes in Computer Science (2015) ISBN:9783662483237 p.416-432, 10.1007/978-3-662-48324-4_21
  65. Whitnall Carolyn, Oswald Elisabeth, Robust Profiling for DPA-Style Attacks, Lecture Notes in Computer Science (2015) ISBN:9783662483237 p.3-21, 10.1007/978-3-662-48324-4_1
  66. Whitnall Carolyn, Oswald Elisabeth, Mather Luke, An Exploration of the Kolmogorov-Smirnov Test as a Competitor to Mutual Information Analysis, Smart Card Research and Advanced Applications (2011) ISBN:9783642272561 p.234-251, 10.1007/978-3-642-27257-8_15
  67. Whitnall Carolyn, Oswald Elisabeth, Standaert François-Xavier, The Myth of Generic DPA…and the Magic of Learning, Topics in Cryptology – CT-RSA 2014 (2014) ISBN:9783319048512 p.183-205, 10.1007/978-3-319-04852-9_10
Bibliographic reference Standaert, François-Xavier. Towards Fair and Efficient Evaluations of Leaking Cryptographic Devices - Overview of the ERC Project CRASH, Part I -.6th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE 2016) (Hyderabad (India), du 14/12/2016 au 18/12/2016). In: Claude Carlet, M. Anwar Hasan, Vishal Saraswat, Proceedings of the 6th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE 2016), Springer2016, p. 353-362
Permanent URL http://hdl.handle.net/2078.1/181916