Grosso, Vincent [Radboud University Nijmegen, Digital Security Group, The Netherlands]
Standaert, François-Xavier [UCL]
Evaluating the security level of a leaking implementation against side-channel attacks is a challenging task. This is especially true when countermeasures such as masking are implemented, since in this case (i) the number of measurements needed for a key recovery may become prohibitive for certification laboratories, and (ii) applying optimal (multivariate) attacks may be computationally intensive and technically challenging. In this paper, we show that by taking advantage of the tightness of masking security proofs, we can significantly simplify this evaluation task in a very general manner. More precisely, we show that the evaluation of a masked implementation can essentially be reduced to that of an unprotected implementation. In addition, we show that although optimal attacks against masking schemes are computationally intensive for large numbers of shares, heuristic (soft analytical side-channel) attacks can approach optimality efficiently. As part of this second contribution, we also improve over the recent multivariate (aka horizontal) side-channel attacks proposed at CHES 2016 by Battistello et al.
- Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template Attacks in Principal Subspaces. In: Lecture Notes in Computer Science (2006), pp. 1–14. ISBN 9783540465591, doi:10.1007/11894063_1
- Balasch, Josep, Gierlichs, Benedikt, Grosso, Vincent, Reparaz, Oscar, Standaert, François-Xavier: On the Cost of Lazy Engineering for Masked Software Implementations. In: Smart Card Research and Advanced Applications (2015), pp. 64–81. ISBN 9783319167626, doi:10.1007/978-3-319-16763-3_5
- Barthe, G., Belaïd, S., Dupressoir, F., Fouque, P.-A., Grégoire, B., Strub, P.-Y.: Verified Proofs of Higher-Order Masking. In: Oswald and Fischlin [47], pp. 457–485
- Barthe, G., Belaïd, S., Dupressoir, F., Fouque, P.-A., Grégoire, B., Strub, P.-Y., Zucchini, R.: Strong Non-Interference and Type-Directed Higher-Order Masking. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016, pp. 116–129. ACM (2016)
- Barthe, G., Dupressoir, F., Faust, S., Grégoire, B., Standaert, F.-X., Strub, P.-Y.: Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model. In: Coron and Nielsen [15], pp. 535–566
- Batina, L., Robshaw, M. (eds.): Cryptographic Hardware and Embedded Systems – CHES 2014. ISBN 9783662447086, doi:10.1007/978-3-662-44709-3
- Battistello, Alberto, Coron, Jean-Sébastien, Prouff, Emmanuel, Zeitoun, Rina: Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme. In: Lecture Notes in Computer Science (2016), pp. 23–39. ISBN 9783662531396, doi:10.1007/978-3-662-53140-2_2
- Belaïd, Sonia, Benhamouda, Fabrice, Passelègue, Alain, Prouff, Emmanuel, Thillard, Adrian, Vergnaud, Damien: Randomness Complexity of Private Circuits for Multiplication. In: Advances in Cryptology – EUROCRYPT 2016 (2016), pp. 616–648. ISBN 9783662498958, doi:10.1007/978-3-662-49896-5_22
- Brier, Eric, Clavier, Christophe, Olivier, Francis: Correlation Power Analysis with a Leakage Model. In: Lecture Notes in Computer Science (2004), pp. 16–29. ISBN 9783540226666, doi:10.1007/978-3-540-28632-5_2
- Chari, Suresh, Jutla, Charanjit S., Rao, Josyula R., Rohatgi, Pankaj: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Advances in Cryptology – CRYPTO '99 (1999), pp. 398–412. ISBN 9783540663478, doi:10.1007/3-540-48405-1_26
- Chari, Suresh, Rao, Josyula R., Rohatgi, Pankaj: Template Attacks. In: Cryptographic Hardware and Embedded Systems – CHES 2002 (2003), pp. 13–28. ISBN 9783540004097, doi:10.1007/3-540-36400-5_3
- Choudary, M.O.: Efficient Multivariate Statistical Techniques for Extracting Secrets from Electronic Devices. Ph.D. thesis, University of Cambridge (2014)
- Cooper, J., De Mulder, E., Goodwill, G., Jaffe, J., Kenworthy, G., Rohatgi, P.: Test Vector Leakage Assessment (TVLA) Methodology in Practice (extended abstract). In: ICMC 2013. http://icmc-2013.org/wp/wp-content/uploads/2013/09/goodwillkenworthtestvector.pdf
- Coron, Jean-Sébastien, Giraud, Christophe, Prouff, Emmanuel, Renner, Soline, Rivain, Matthieu, Vadnala, Praveen Kumar: Conversion of Security Proofs from One Leakage Model to Another: A New Issue. In: Constructive Side-Channel Analysis and Secure Design (2012), pp. 69–81. ISBN 9783642299117, doi:10.1007/978-3-642-29912-4_6
- Coron, J.-S., Nielsen, J.B. (eds.): Advances in Cryptology – EUROCRYPT 2017. ISBN 9783319566191, doi:10.1007/978-3-319-56620-7
- Coron, Jean-Sébastien, Prouff, Emmanuel, Rivain, Matthieu, Roche, Thomas: Higher-Order Side Channel Security and Mask Refreshing. In: Fast Software Encryption (2014), pp. 410–424. ISBN 9783662439326, doi:10.1007/978-3-662-43933-3_21
- Daemen, Joan, Rijmen, Vincent: The Wide Trail Design Strategy. In: Cryptography and Coding (2001), pp. 222–238. ISBN 9783540430261, doi:10.1007/3-540-45325-3_20
- Ding, A. Adam, Zhang, Liwei, Fei, Yunsi, Luo, Pei: A Statistical Model for Higher Order DPA on Masked Devices. In: Lecture Notes in Computer Science (2014), pp. 147–169. ISBN 9783662447086, doi:10.1007/978-3-662-44709-3_9
- Duc, Alexandre, Dziembowski, Stefan, Faust, Sebastian: Unifying Leakage Models: From Probing Attacks to Noisy Leakage. In: Advances in Cryptology – EUROCRYPT 2014 (2014), pp. 423–440. ISBN 9783642552199, doi:10.1007/978-3-642-55220-5_24
- Duc, A., Faust, S., Standaert, F.-X.: Making Masking Security Proofs Concrete – Or How to Evaluate the Security of Any Leaking Device. In: Oswald and Fischlin [47], pp. 401–429
- Duc, A., Faust, S., Standaert, F.-X.: Making Masking Security Proofs Concrete – Or How to Evaluate the Security of Any Leaking Device (extended version). IACR Cryptology ePrint Archive 2015, 119 (2015)
- Durvaux, François, Standaert, François-Xavier: From Improved Leakage Detection to the Detection of Points of Interests in Leakage Traces. In: Advances in Cryptology – EUROCRYPT 2016 (2016), pp. 240–262. ISBN 9783662498897, doi:10.1007/978-3-662-49890-3_10
- Durvaux, François, Standaert, François-Xavier, Del Pozo, Santos Merino: Towards Easy Leakage Certification. In: Lecture Notes in Computer Science (2016), pp. 40–60. ISBN 9783662531396, doi:10.1007/978-3-662-53140-2_3
- Durvaux, François, Standaert, François-Xavier, Veyrat-Charvillon, Nicolas: How to Certify the Leakage of a Chip? In: Advances in Cryptology – EUROCRYPT 2014 (2014), pp. 459–476. ISBN 9783642552199, doi:10.1007/978-3-642-55220-5_26
- Dziembowski, Stefan, Faust, Sebastian, Herold, Gottfried, Journault, Anthony, Masny, Daniel, Standaert, François-Xavier: Towards Sound Fresh Re-keying with Hard (Physical) Learning Problems. In: Advances in Cryptology – CRYPTO 2016 (2016), pp. 272–301. ISBN 9783662530078, doi:10.1007/978-3-662-53008-5_10
- Dziembowski, Stefan, Faust, Sebastian, Skorski, Maciej: Noisy Leakage Revisited. In: Advances in Cryptology – EUROCRYPT 2015 (2015), pp. 159–188. ISBN 9783662468029, doi:10.1007/978-3-662-46803-6_6
- Fei, Yunsi, Luo, Qiasi, Ding, A. Adam: A Statistical Model for DPA with Novel Algorithmic Confusion Analysis. In: Cryptographic Hardware and Embedded Systems – CHES 2012 (2012), pp. 233–250. ISBN 9783642330261, doi:10.1007/978-3-642-33027-8_14
- Gierlichs, Benedikt, Batina, Lejla, Tuyls, Pim, Preneel, Bart: Mutual Information Analysis. In: Cryptographic Hardware and Embedded Systems – CHES 2008, pp. 426–442. ISBN 9783540850526, doi:10.1007/978-3-540-85053-3_27
- Cryptographic Hardware and Embedded Systems – CHES 2016. ISBN 9783662531396, doi:10.1007/978-3-662-53140-2
- Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A Testing Methodology for Side Channel Resistance Validation. In: NIST Non-invasive Attack Testing Workshop (2011). http://csrc.nist.gov/news_events/non-invasive-attack-testing-workshop/papers/08_Goodwill.pdf
- Goudarzi, Dahmun, Rivain, Matthieu: How Fast Can Higher-Order Masking Be in Software? In: Lecture Notes in Computer Science (2017), pp. 567–597. ISBN 9783319566191, doi:10.1007/978-3-319-56620-7_20
- Grosso, Vincent, Prouff, Emmanuel, Standaert, François-Xavier: Efficient Masked S-Boxes Processing – A Step Forward –. In: Progress in Cryptology – AFRICACRYPT 2014 (2014), pp. 251–266. ISBN 9783319067339, doi:10.1007/978-3-319-06734-6_16
- Grosso, Vincent, Standaert, François-Xavier: ASCA, SASCA and DPA with Enumeration: Which One Beats the Other and When? In: Advances in Cryptology – ASIACRYPT 2015 (2015), pp. 291–312. ISBN 9783662487990, doi:10.1007/978-3-662-48800-3_12
- Ishai, Yuval, Sahai, Amit, Wagner, David: Private Circuits: Securing Hardware against Probing Attacks. In: Advances in Cryptology – CRYPTO 2003 (2003), pp. 463–481. ISBN 9783540406747, doi:10.1007/978-3-540-45146-4_27
- Journault, Anthony, Standaert, François-Xavier: Very High Order Masking: Efficient Implementation and Security Evaluation. In: Lecture Notes in Computer Science (2017), pp. 623–643. ISBN 9783319667867, doi:10.1007/978-3-319-66787-4_30
- Lemke-Rust, Kerstin, Paar, Christof: Gaussian Mixture Models for Higher-Order Side Channel Analysis. In: Cryptographic Hardware and Embedded Systems – CHES 2007, pp. 14–27. ISBN 9783540747345, doi:10.1007/978-3-540-74735-2_2
- Lerman, Liran, Poussier, Romain, Bontempi, Gianluca, Markowitch, Olivier, Standaert, François-Xavier: Template Attacks vs. Machine Learning Revisited (and the Curse of Dimensionality in Side-Channel Analysis). In: Constructive Side-Channel Analysis and Secure Design (2015), pp. 20–33. ISBN 9783319214757, doi:10.1007/978-3-319-21476-4_2
- Lomné, V., Prouff, E., Rivain, M., Roche, T., Thillard, A.: How to Estimate the Success Rate of Higher-Order Side-Channel Attacks. In: Batina and Robshaw [6], pp. 35–54
- Mangard, S., Oswald, E., Standaert, F.-X.: One for All – All for One: Unifying Standard Differential Power Analysis Attacks. IET Information Security, doi:10.1049/iet-ifs.2010.0096
- Mangard, Stefan, Popp, Thomas, Gammel, Berndt M.: Side-Channel Leakage of Masked CMOS Gates. In: Lecture Notes in Computer Science (2005), pp. 351–365. ISBN 9783540243991, doi:10.1007/978-3-540-30574-3_24
- Martin, Daniel P., Mather, Luke, Oswald, Elisabeth, Stam, Martijn: Characterisation and Estimation of the Key Rank Distribution in the Context of Side Channel Evaluations. In: Advances in Cryptology – ASIACRYPT 2016 (2016), pp. 548–572. ISBN 9783662538869, doi:10.1007/978-3-662-53887-6_20
- Mather, Luke, Oswald, Elisabeth, Bandenburg, Joe, Wójcik, Marcin: Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests. In: Advances in Cryptology – ASIACRYPT 2013 (2013), pp. 486–505. ISBN 9783642420320, doi:10.1007/978-3-642-42033-7_25
- Mather, L., Oswald, E., Whitnall, C.: Multi-target DPA Attacks: Pushing DPA beyond the Limits of a Desktop Computer. In: Sarkar and Iwata [53], pp. 243–261
- Matsui, Mitsuru: Linear Cryptanalysis Method for DES Cipher. In: Advances in Cryptology – EUROCRYPT '93, pp. 386–397. ISBN 9783540576006, doi:10.1007/3-540-48285-7_33
- Advances in Cryptology – EUROCRYPT 2014. ISBN 9783642552199, doi:10.1007/978-3-642-55220-5
- Nikova, Svetla, Rijmen, Vincent, Schläffer, Martin: Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches. Journal of Cryptology, doi:10.1007/s00145-010-9085-7
- Oswald, E., Fischlin, M. (eds.): Advances in Cryptology – EUROCRYPT 2015. ISBN 9783662467992, doi:10.1007/978-3-662-46800-5
- Poussier, Romain, Grosso, Vincent, Standaert, François-Xavier: Comparing Approaches to Rank Estimation for Side-Channel Security Evaluations. In: Smart Card Research and Advanced Applications (2016), pp. 125–142. ISBN 9783319312705, doi:10.1007/978-3-319-31271-2_8
- Prouff, Emmanuel: DPA Attacks and S-Boxes. In: Fast Software Encryption (2005), pp. 424–441. ISBN 9783540265412, doi:10.1007/11502760_29
- Prouff, Emmanuel, Rivain, Matthieu: Masking against Side-Channel Attacks: A Formal Security Proof. In: Advances in Cryptology – EUROCRYPT 2013 (2013), pp. 142–159. ISBN 9783642383472, doi:10.1007/978-3-642-38348-9_9
- Rivain, Matthieu: On the Exact Success Rate of Side Channel Analysis in the Gaussian Model. In: Selected Areas in Cryptography (2009), pp. 165–183. ISBN 9783642041587, doi:10.1007/978-3-642-04159-4_11
- Rivain, Matthieu, Prouff, Emmanuel: Provably Secure Higher-Order Masking of AES. In: Cryptographic Hardware and Embedded Systems – CHES 2010 (2010), pp. 413–427. ISBN 9783642150302, doi:10.1007/978-3-642-15031-9_28
- Sarkar, P., Iwata, T. (eds.): Advances in Cryptology – ASIACRYPT 2014. ISBN 9783662456071, doi:10.1007/978-3-662-45608-8
- Schindler, Werner, Lemke, Kerstin, Paar, Christof: A Stochastic Model for Differential Side Channel Cryptanalysis. In: Cryptographic Hardware and Embedded Systems – CHES 2005 (2005), pp. 30–46. ISBN 9783540284741, doi:10.1007/11545262_3
- Schneider, Tobias, Moradi, Amir: Leakage Assessment Methodology: Extended Version. Journal of Cryptographic Engineering, doi:10.1007/s13389-016-0120-y
- Standaert, F.-X.: How (Not) to Use Welch's t-test in Side-Channel Security Evaluations. IACR Cryptology ePrint Archive 2017, 138 (2017)
- Standaert, François-Xavier, Malkin, Tal G., Yung, Moti: A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks. In: Advances in Cryptology – EUROCRYPT 2009 (2009), pp. 443–461. ISBN 9783642010002, doi:10.1007/978-3-642-01001-9_26
- Standaert, François-Xavier, Veyrat-Charvillon, Nicolas, Oswald, Elisabeth, Gierlichs, Benedikt, Medwed, Marcel, Kasper, Markus, Mangard, Stefan: The World Is Not Enough: Another Look on Second-Order DPA. In: Advances in Cryptology – ASIACRYPT 2010 (2010), pp. 112–129. ISBN 9783642173721, doi:10.1007/978-3-642-17373-8_7
- Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Soft Analytical Side-Channel Attacks. In: Sarkar and Iwata [53], pp. 282–296
Bibliographic reference: Grosso, Vincent; Standaert, François-Xavier. Masking Proofs are Tight and How to Exploit it in Security Evaluations. 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2018) (Tel Aviv, Israel, from 29/04/2018 to 03/05/2018). In: Jesper Buus Nielsen, Vincent Rijmen (eds.), Proceedings of EUROCRYPT 2018, 2018, pp. 385-412
Permanent URL: http://hdl.handle.net/2078.1/199349