Cryptographic designs are vulnerable to side-channel analysis attacks. Evaluating their security during design stages is of crucial importance. The latter is achieved by very expensive (slow) analog transient-noise simulations over advanced fabrication process technologies. The main challenge of such rigorous security-evaluation analysis lies in the fact that technologies are becoming more and more complex and the physical properties of manufactured devices vary significantly due to process variations. In turn, a detailed security evaluation process imposes exponential time complexity with the circuit-size, the number of physical implementation corners (statistical variations) and the accuracy of the circuit-simulator. Given these circumstances, what is the cost of not exhausting the entire implementation space? In terms of simulation-time complexity, the benefits would clearly be significant; however, we are interested in evaluating the security implications. This question can be formulated for many other interesting side-channel contexts such as for example, how would an attack-outcome vary when the adversary is building a leakage template over one device, i.e., one physical corner, and it performs an evaluation (attack) phase of a device drawn from a different statistical corner? Alternatively, is it safe to assume that a typical (average) corner would represent the worst case in terms of security evaluation or would it be advisable to perform a security evaluation over another specific view? Finally, how would the outcome vary concretely? We ran in-depth experiments to answer these questions in the hope of finding a nice tradeoff between simulation efforts and expertise, and security-evaluation degradation. We evaluate the results utilizing methodologies such as template-attacks with a clear distinction between profiling and attack-phase statistical views. This exemplary view of what an adversary might capture in these scenarios is followed by a more complete statistical evaluation analysis utilizing tools such as the Kullback–Leibler (KL) divergence and the Jensen-Shannon (JS) divergence to draw conclusions.
In this paper we formulate and re-evaluate a recently proposed randomization-based sidechannel protection mechanism. The strength of the construction lies with its ability to comply with standard digital design flows and that it provides a security parameter which directly links side-channel security metrics. A detailed leakage model is provided and investigated for the first time, and it is linked to electronic parameters of the randomization mechanism. We develop guidelines and optimization for concrete ASIC constructions, and sheds light on this ultra low-cost leakage-randomization mechanism. The proposed circuit is natural to be utilized without or on top of the popular masking countermeasures. It is demonstrated to be considerably more efficient in terms of attack data-complexity as compared to low-order masking (i.e., number of shares d = 2). In addition, seemingly it is a nice and necessary fit to increase the noise when a too low-noise environment is expected, which impedes masking's theoretical security. Finally, it is discussed that the proposed mechanism is natural to be embedded with masked designs for higher security-levels (d > 2) while lowering significantly their asymptotically quadratic area price-tag as d increase. Robustness results are provided along with post & route cost estimations for both AES encryption and a more recently proposed permutation such as ISAP. Our design efficiently provides unprecedented three orders-of-magnitude signal-to-noise reduction with a total area-overhead of 21% and 46% for AES and Ascon-ρ, respectively. These factors are more cost-efficient than low-orders masked designs and such mechanisms are sometimes necessary when the inherent noise is not sufficient. However, the joint embedding of the proposed mechanism with masked designs potentially exponentially improve the security level they provide, all whilst enabling electronic-design friendly security mechanism.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.