In: Stefan Conrad; Paul Molitor (Hrsg.). IT - information technology (IT), De Gruyter Oldenbourg, 1/2019.
Zusammenfassung
Side-channel attacks enable powerful adversarial strategies against cryptographic devices and encounter an ever-growing attack surface in today’s world of digitalization and the internet of things. While the employment of provably secure side-channel countermeasures like masking have become increasingly popular in recent years, great care must be taken when implementing these in actual devices. The reasons for this are two-fold: The models on which these countermeasures rely do not fully capture the physical reality and compliance with the requirements of the countermeasures is non-trivial in complex implementations. Therefore, it is imperative to validate the SCA-security of concrete instantiations of cryptographic devices using measurements on the actual device. In this article we propose a side-channel evaluation framework that combines an efficient data acquisition process with state-of-the-art confidence interval based leakage assessment. Our approach allows a sound assessment of the potential susceptibility of cryptographic implementations to side-channel attacks and is robust against noise in the evaluation system. We illustrate the steps in the evaluation process by applying them to a protected implementation of AES.
@article{pub10226,
author = {
Bache, Florian
and
Plump, Christina
and
Wloka, Jonas
and
Güneysu, Tim
and
Drechsler, Rolf
},
editor = {
Conrad, Stefan
and
Molitor, Paul
},
title = {Evaluation of (power) side-channels in cryptographic implementations},
year = {2019},
month = {1},
journal = {IT - information technology (IT)},
publisher = {De Gruyter Oldenbourg}
}
Deutsches Forschungszentrum für Künstliche Intelligenz German Research Center for Artificial Intelligence