Nothing Special   »   [go: up one dir, main page]
Skip to main content
SpringerLink
Log in

A Systematic Appraisal of Side Channel Evaluation Strategies

  • Conference paper
  • First Online:
Security Standardisation Research (SSR 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12529))

Included in the following conference series:

Abstract

In this paper we examine the central question that is how well do side channel evaluation regimes capture the true security level of a product. Concretely, answering this question requires considering the optimality of the attack/evaluation strategy selected by the evaluator, and the various steps to instantiate it. We draw on a number of published works and discuss whether state-of-the-art solutions for the different steps of a side-channel security evaluation offer bounds or guarantees of optimality, or if they are inherently heuristic. We use this discussion to provide an informal rating of the steps’ optimality and to put forward where risks of overstated security levels remain.

This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). François-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    The most recent version of all documents relating to CC evaluations can be found on www.commoncriteriaportal.com.

  2. 2.

    (JIL Hardware Attacks Subgroup), they operate within the International Security Certification Initiative (ISCI).

  3. 3.

    For the sake of succinctness we refer the reader to the JHAS documentation for a precise definition of these factors  [48].

  4. 4.

    A target value is an intermediate value that the adversary/evaluator can predict based on knowing (parts of) the input and guessing parts of the key.

References

  1. Azouaoui, M., Poussier, R., Standaert, F.-X.: Fast side-channel security evaluation of ECC implementations: shortcut formulas for horizontal side-channel attacks against ECSM with the montgomery ladder. In: Polian, I., Stöttinger, M. (eds.) COSADE 2019. LNCS, vol. 11421, pp. 25–42. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-16350-1_3

    Chapter  Google Scholar 

  2. Benadjila, R., Khati, L., Prouff, E., Thillard, A. https://github.com/ANSSI-FR/SecAESSTM32

  3. Bilgin, B., Fischer, J.-B. (eds.): CARDIS 2018. LNCS, vol. 11389. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15462-2

    Book  Google Scholar 

  4. Bronchain, O., Schneider, T., Standaert, F.: Multi-tuple leakage detection and the dependent signal issue. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 318–345 (2019)

    Article  Google Scholar 

  5. Bronchain, O., Standaert, F.: Side-channel countermeasures’ dissection and the limits of closed source security evaluations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(2), 1–25 (2020)

    Google Scholar 

  6. Cagli, E., Dumas, C., Prouff, E.: Kernel discriminant analysis for information extraction in the presence of masking. In: Lemke-Rust, K., Tunstall, M. (eds.) CARDIS 2016. LNCS, vol. 10146, pp. 1–22. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54669-8_1

    Chapter  Google Scholar 

  7. Cagli, E., Dumas, C., Prouff, E.: Convolutional neural networks with data augmentation against jitter-based countermeasures - profiling attacks without pre-processing. In: Fischer and Homma [13], pp. 45–68

    Google Scholar 

  8. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26

    Chapter  Google Scholar 

  9. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_3

    Chapter  Google Scholar 

  10. Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete (or how to evaluate the security of any leaking device), extended version. J. Cryptol. 32(4), 1263–1297 (2018). https://doi.org/10.1007/s00145-018-9277-0

    Article  MathSciNet  MATH  Google Scholar 

  11. Durvaux, F., Standaert, F.-X.: From improved leakage detection to the detection of points of interests in leakage traces. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part I. LNCS, vol. 9665, pp. 240–262. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_10

    Chapter  MATH  Google Scholar 

  12. Eisenbarth, T., Paar, C., Weghenkel, B.: Building a side channel based disassembler. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds.) Transactions on Computational Science X. LNCS, vol. 6340, pp. 78–99. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17499-5_4

    Chapter  Google Scholar 

  13. Fischer, W., Homma, N. (eds.): CHES 2017. LNCS, vol. 10529. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4

    Book  MATH  Google Scholar 

  14. Fumaroli, G., Martinelli, A., Prouff, E., Rivain, M.: Affine masking against higher-order side channel analysis. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 262–280. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19574-7_18

    Chapter  Google Scholar 

  15. Glowacz, C., Grosso, V., Poussier, R., Schüth, J., Standaert, F.-X.: Simpler and more efficient rank estimation for side-channel security assessment. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 117–129. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_6

    Chapter  Google Scholar 

  16. Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation. In: NIST Non-Invasive Attack Testing Workshop (2011)

    Google Scholar 

  17. Green, J., Roy, A., Oswald, E.: A systematic study of the impact of graphical models on inference-based attacks on AES. In: Bilgin and Fischer [3], pp. 18–34

    Google Scholar 

  18. Grosso, V., Standaert, F.: ASCA, SASCA and DPA with enumeration: which one beats the other and when? In: Iwata and Cheon [25], pp. 291–312

    Google Scholar 

  19. Guilley, S., Maghrebi, H., Souissi, Y., Sauvage, L., Danger, J.: Quantifying the quality of side channel acquisitions. COSADE, February 2011

    Google Scholar 

  20. Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006). https://doi.org/10.1007/11767480_16

    Chapter  Google Scholar 

  21. Heuser, A., Zohner, M.: Intelligent machine homicide: breaking cryptographic devices using support vector machines. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 249–264. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29912-4_18

    Chapter  Google Scholar 

  22. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27

    Chapter  Google Scholar 

  23. ISO/IEC JTC 1/SC 27: ISO/IEC 15408-1: Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model. International Organization for Standardization, Geneva, CH (2009)

    Google Scholar 

  24. ISO/IEC JTC 1/SC 27: ISO/IEC 17825: Information technology - Security techniques - Testing methods for the mitigation of non-invasive attack classes against cryptographic modules. International Organization for Standardization, Geneva, CH (2016)

    Google Scholar 

  25. Iwata, T., Cheon, J.H. (eds.): ASIACRYPT 2015, Part II. LNCS, vol. 9453. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48800-3

    Book  MATH  Google Scholar 

  26. Journault, A., Standaert, F.: Very high order masking: efficient implementation and security evaluation. In: Fischer and Homma [13], pp. 623–643

    Google Scholar 

  27. Lange, T., van Vredendaal, C., Wakker, M.: Kangaroos in side-channel attacks. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 104–121. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16763-3_7

    Chapter  Google Scholar 

  28. Lemke-Rust, K., Paar, C.: Gaussian mixture models for higher-order side channel analysis. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 14–27. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_2

    Chapter  Google Scholar 

  29. Lerman, L., Markowitch, O.: Efficient profiled attacks on masking schemes. IEEE Trans. Inf. Forensics Secur. 14(6), 1445–1454 (2019)

    Article  Google Scholar 

  30. Lerman, L., Medeiros, S.F., Bontempi, G., Markowitch, O.: A machine learning approach against a masked AES. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 61–75. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_5

    Chapter  Google Scholar 

  31. Lerman, L., Poussier, R., Bontempi, G., Markowitch, O., Standaert, F.-X.: Template attacks vs. machine learning revisited (and the curse of dimensionality in side-channel analysis). In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 20–33. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21476-4_2

    Chapter  Google Scholar 

  32. Mangard, S.: Hardware countermeasures against DPA – a statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222–235. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24660-2_18

    Chapter  Google Scholar 

  33. Martin, D.P., Mather, L., Oswald, E.: Two sides of the same coin: counting and enumerating keys post side-channel attacks revisited. In: Smart, N.P. (ed.) CT-RSA 2018. LNCS, vol. 10808, pp. 394–412. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-76953-0_21

    Chapter  Google Scholar 

  34. Martin, D.P., O’Connell, J.F., Oswald, E., Stam, M.: Counting keys in parallel after a side channel attack. In: Iwata and Cheon [25], pp. 313–337

    Google Scholar 

  35. Mather, L., Oswald, E., Bandenburg, J., Wójcik, M.: Does my device leak information? An a priori statistical power analysis of leakage detection tests. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 486–505. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42033-7_25

    Chapter  Google Scholar 

  36. National Institute of Standards and Technology: NIST FIPS 140-3. Information Technology Laboratory, NIST, Gaithersburg, MD 20899-8900

    Google Scholar 

  37. Nguyen, P.Q., Shparlinski, I.E.: The insecurity of the elliptic curve digital signature algorithm with partially known nonces. Des. Codes Cryptogr. 30(2), 201–217 (2003). https://doi.org/10.1023/A:1025436905711

    Article  MathSciNet  MATH  Google Scholar 

  38. Oswald, D., Paar, C.: Improving side-channel analysis with optimal linear transforms. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 219–233. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37288-9_15

    Chapter  Google Scholar 

  39. Poussier, R., Standaert, F.-X., Grosso, V.: Simple key enumeration (and rank estimation) using histograms: an integrated approach. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 61–81. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_4

    Chapter  MATH  Google Scholar 

  40. Poussier, R., Zhou, Y., Standaert, F.: A systematic approach to the side-channel analysis of ECC implementations with worst-case horizontal attacks. In: Fischer and Homma [13], pp. 534–554

    Google Scholar 

  41. Merino Del Pozo, S., Standaert, F.-X.: Blind source separation from single measurements using singular spectrum analysis. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 42–59. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_3

    Chapter  Google Scholar 

  42. Primas, R., Pessl, P., Mangard, S.: Single-trace side-channel attacks on masked lattice-based encryption. In: Fischer and Homma [13], pp. 513–533

    Google Scholar 

  43. Prouff, E., Rivain, M., Bevan, R.: Statistical analysis of second order differential power analysis. IACR Cryptology ePrint Archive, 2010, 646 (2010)

    Google Scholar 

  44. Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N.: Algebraic side-channel attacks on the AES: why time also matters in DPA. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 97–111. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_8

    Chapter  Google Scholar 

  45. Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_3

    Chapter  Google Scholar 

  46. Schneider, T., Moradi, A.: Leakage assessment methodology - extended version. J. Cryptogr. Eng. 6(2), 85–99 (2016). https://doi.org/10.1007/s13389-016-0120-y

    Article  Google Scholar 

  47. Skorobogatov, S.: Synchronization method for SCA and fault attacks. J. Cryptogr. Eng. 1(1), 71–77 (2011). https://doi.org/10.1007/s13389-011-0004-0

    Article  Google Scholar 

  48. SOG-IS: Application of attack potential to smartcards and similar devices (2019)

    Google Scholar 

  49. SOG-IS: Attack methods for smartcards and similar devices (2020)

    Google Scholar 

  50. Standaert, F.: How (not) to use Welch’s t-test in side-channel security evaluations. In: Bilgin and Fischer [3], pp. 65–79

    Google Scholar 

  51. Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_26

    Chapter  Google Scholar 

  52. Standaert, F.-X., et al.: The world is not enough: another look on second-order DPA. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 112–129. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_7

    Chapter  Google Scholar 

  53. van Woudenberg, J.G.J., Witteman, M.F., Bakker, B.: Improving differential power analysis by elastic alignment. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 104–119. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_8

    Chapter  Google Scholar 

  54. Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Soft analytical side-channel attacks. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 282–296. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_15

    Chapter  Google Scholar 

  55. Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_44

    Chapter  Google Scholar 

  56. Whitnall, C., Oswald, E.: A critical analysis of ISO 17825 (‘Testing Methods for the mitigation of non-invasive attack classes against cryptographic modules’). In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019, Part III. LNCS, vol. 11923, pp. 256–284. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34618-8_9

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NXP Semiconductors, Hamburg, Germany

    Melissa Azouaoui

  2. ICTEAM, UCLouvain, Louvain-la-Neuve, Belgium

    Melissa Azouaoui, Davide Bellizia, Sèbastien Duval, François Koeune & François-Xavier Standaert

  3. Radboud University, Nijmegen, The Netherlands

    Ileana Buhan

  4. IDEMIA, Paris, France

    Nicolas Debande & Christophe Giraud

  5. SGDSN, Paris, France

    Èliane Jaulmes

  6. AAU, Klagenfurt, Austria

    Elisabeth Oswald

  7. UoB, Bristol, UK

    Elisabeth Oswald & Carolyn Whitnall

Authors
  1. Melissa Azouaoui
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Davide Bellizia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ileana Buhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Nicolas Debande
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Sèbastien Duval
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Christophe Giraud
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Èliane Jaulmes
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. François Koeune
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Elisabeth Oswald
    View author publications

    You can also search for this author in PubMed Google Scholar

  10. François-Xavier Standaert
    View author publications

    You can also search for this author in PubMed Google Scholar

  11. Carolyn Whitnall
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Elisabeth Oswald .

Editor information

Editors and Affiliations

  1. Mozilla, London, UK

    Thyla van der Merwe

  2. Information Security Department, Royal Holloway, University of London, Egham, UK

    Chris Mitchell

  3. School of Computing, Newcastle University, Newcastle upon Tyne, UK

    Maryam Mehrnezhad

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Azouaoui, M. et al. (2020). A Systematic Appraisal of Side Channel Evaluation Strategies. In: van der Merwe, T., Mitchell, C., Mehrnezhad, M. (eds) Security Standardisation Research. SSR 2020. Lecture Notes in Computer Science(), vol 12529. Springer, Cham. https://doi.org/10.1007/978-3-030-64357-7_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-64357-7_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-64356-0

  • Online ISBN: 978-3-030-64357-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation