Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests

Mather, Luke; Oswald, Elisabeth; Bandenburg, Joe; Wójcik, Marcin

doi:10.1007/978-3-642-42033-7_25

Cited by 65 publications

(45 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Typical significance levels in statistics are 0.05 and 0.00001 [15]. However, here we aim at choosing the threshold in a less arbitrary, data-driven way.…”

Section: A On the Choice Of The T-test Thresholdmentioning

confidence: 99%

On the Cost of Lazy Engineering for Masked Software Implementations

Balasch

Gierlichs

Grosso

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Masking is one of the most popular countermeasures to mitigate side-channel analysis. Yet, its deployment in actual cryptographic devices is well known to be challenging, since designers have to ensure that the leakage corresponding to different shares is independent. Several works have shown that such an independent leakage assumption may be contradicted in practice, because of physical effects such as "glitches" or "transitionbased" leakages. As a result, implementing masking securely can be a time-consuming engineering problem. This is in strong contrast with recent and promising approaches for the automatic insertion of countermeasures exploiting compilers, that aim to limit the development time of side-channel resistant software. Motivated by this contrast, we question what can be hoped for these approaches -or more generally for masked software implementations based on careless assembly generation. For this purpose, our first contribution is a simple reduction from security proofs obtained in a (usual but not always realistic) model where leakages depend on the intermediate variables manipulated by the target device, to security proofs in a (more realistic) model where the transitions between these intermediate variables are leaked. We show that the cost of moving from one context to the other implies a division of the security order by two for masking schemes. Next, our second and main contribution is to provide an exhaustive empirical validation of this reduction, based on two microcontrollers, several (handwritten and compiler-based) ways of generating assembly codes, with and without "recycling" the randomness used for sharing. These experiments confirm the relevance of our analysis, and therefore quantify the cost of lazy engineering for masking.

show abstract

“…Typical significance levels in statistics are 0.05 and 0.00001 [15]. However, here we aim at choosing the threshold in a less arbitrary, data-driven way.…”

Section: A On the Choice Of The T-test Thresholdmentioning

confidence: 99%

On the Cost of Lazy Engineering for Masked Software Implementations

Balasch

Gierlichs

Grosso

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…In this respect, a natural solution is to consider a target with smaller range, and at the extreme, a binary random variable. This is in fact what is advertised in the leakage detection test introduced in [10] and further discussed in [15]. Here, the authors try to detect leakage points where there is a significant difference between two classes: the first corresponding to fixed plaintexts, the second corresponding to random plaintexts.…”

Section: Discussion and Comparison With Existing Workmentioning

confidence: 95%

“…whether the leakages are value-based or transition-based [2]). Using non-specific tests such as [10,15] can mitigate this requirement (although it does not totally suppress it).…”

Section: Discussion and Comparison With Existing Workmentioning

confidence: 99%

Efficient Selection of Time Samples for Higher-Order DPA with Projection Pursuits

Durvaux

Standaert

Veyrat-Charvillon

et al. 2015

Constructive Side-Channel Analysis and Secure Design

View full text Add to dashboard Cite

Abstract. The selection of points-of-interest in leakage traces is a frequently neglected problem in the side-channel literature. However, it can become the bottleneck of practical adversaries/evaluators as the size of the measurement traces increases, especially in the challenging context of masked implementations, where only a combination of multiple shares reveals information in higher-order statistical moments. In this paper, we describe new (black box) tools for efficiently dealing with this problem. The proposed techniques exploit projection pursuits and specialized local search algorithms, work with minimum memory requirements and practical time complexity. We validate them with two case-studies of unprotected and first-order masked implementations in an 8-bit device, the latter one being hard to analyze with previously known methods.

show abstract

“…By exploiting these potentialities, we could confirm previous results on threshold implementations and make our analyzes more precise. In this section, we want to conclude by arguing why MC-DPA consequently makes an interesting candidate for leakage detection tests, such as the T-test and MI-tests discussed in [19].…”

Section: Discussion: Recycling Cepaca To Gain Confidencementioning

confidence: 99%

“…We also observe that attacks focusing on second-order moments are more efficient than attacks focusing on third-order ones for this implementation (as already found in [1]), and provide a more confident and quantitative analysis of this fact, thanks to the metric feature of MC-DPA. We then conclude by showing that MC-DPA is a promising candidate for efficient leakage detection tests [19], with easy-to-compute confidence level indicators.…”

Section: Introductionmentioning

confidence: 89%

Moments-Correlating DPA

Moradi

Standaert

2016

Proceedings of the 2016 ACM Workshop on Theory of Implementation Security

View full text Add to dashboard Cite

We generalize correlation-enhanced power analysis collision attacks into moments-correlating DPA. The resulting distinguisher is applicable to the profiled and non-profiled (collision) settings and is able to exploit information lying in any statistical moment. It also benefits from a simple ruleof-thumb to estimate its data complexity. Experimental results show that such a tool allows answering with confidence to some important questions regarding the design of sidechannel countermeasures (e.g. what is the most informative statistical moment in the leakages of a threshold implementation). We further argue that moments-correlating DPA is a natural candidate for leakage detection tests, enjoying the simplicity of correlation power analysis and advanced features for the evaluation of higher-order attacks with an easy-to-compute confidence level.

show abstract

Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests

Cited by 65 publications

References 22 publications

On the Cost of Lazy Engineering for Masked Software Implementations

On the Cost of Lazy Engineering for Masked Software Implementations

Efficient Selection of Time Samples for Higher-Order DPA with Projection Pursuits

Moments-Correlating DPA

Contact Info

Product

Resources

About