Abstract
In recent years, many leakage-resilient schemes have been published. These schemes guarantee security against side-channel attacks given bounded leakage of the underlying primitive. However, it is a challenging task to reliably determine these leakage bounds from physical properties.
In this work, we present a novel approach to finding reliable leakage bounds for side channels of cryptographic implementations when the input data complexity is limited, as it is in leakage-resilient schemes. By mapping results from communication theory to the side-channel domain, we show that the channel capacity is the natural upper bound for the mutual information (MI) that can be learned from multivariate side channels with Gaussian noise. This shows that the upper bound is determined by the device-specific signal-to-noise ratio (SNR). We further investigate the case in which attackers are able to measure the same side-channel leakage multiple times and perform signal averaging. Our results here indicate that the gain in SNR obtained from averaging is exponential in the number of points of interest that are used from the leakage traces. Based on this, we illustrate how the side-channel capacity provides a tool to compute the minimum attack complexity required to learn a certain amount of information from side-channel leakage. We then show that our MI bounds match reality by evaluating the MI in multivariate Gaussian templates built from practical measurements on an ASIC. We finally use our model to show the security of the Keccak-f[400]-based authenticated encryption scheme ISAP on this ASIC against power analysis attacks.
Original language | English |
---|---|
Title | 16th Smart Card Research and Advanced Application Conference - CARDIS 2017 |
Publisher | Springer |
DOIs | |
Publication status | Published - 2018 |
Event | CARDIS 2017: 17th Smart Card Research and Advanced Application Conference - Lugano, Switzerland. Duration: 13 Nov 2017 → 15 Nov 2017. Conference number: 16 |
Conference
Conference | CARDIS 2017 |
---|---|
Short title | CARDIS |
Country/Territory | Switzerland |
City | Lugano |
Period | 13/11/17 → 15/11/17 |
Fingerprint
Explore the research topics of "Leakage Bounds for Gaussian Side Channels". Together they form a unique fingerprint.
Projects
- 2 Finished
- EU - SOPHIA - Securing Software against Physical Attacks
  1/09/16 → 31/08/21
  Project: Research project
- SCALAS - Leakage-resilient Protocols [Original in English: Secure Contactless Applications based on Leakage-resilient cryptographic Schemes]
  Peßl, P. & Mangard, S.
  1/07/14 → 31/12/16
  Project: Research project