Theoretical Security Evaluation Against Side-Channel Cube Attack with Key Enumeration

2019 ◽  
pp. 145-165
Author(s):  
Haruhisa Kosuge ◽  
Hidema Tanaka
Keyword(s):  
Security Evaluation ◽  
Side Channel ◽  
Cube Attack

scholarly journals How to fool a black box machine learning based side-channel security evaluation

2021 ◽  
Author(s):  
Charles-Henry Bertrand Van Ouytsel ◽  
Olivier Bronchain ◽  
Gaëtan Cassiers ◽  
François-Xavier Standaert
Keyword(s):  
Machine Learning ◽  
Black Box ◽  
Security Evaluation ◽  
Side Channel

scholarly journals Reactive side-channel countermeasures: Applicability and quantitative security evaluation

2018 ◽  
Vol 62 ◽  
pp. 50-60 ◽  
Author(s):  
Giovanni Agosta ◽  
Alessandro Barenghi ◽  
Gerardo Pelosi ◽  
Michele Scandale
Keyword(s):  
Security Evaluation ◽  
Side Channel

scholarly journals A Fast and Accurate Guessing Entropy Estimation Algorithm for Full-key Recovery

2020 ◽  
pp. 26-48
Author(s):  
Ziyue Zhang ◽  
A. Adam Ding ◽  
Yunsi Fei
Keyword(s):  
Experimental Data ◽  
Computational Cost ◽  
Estimation Method ◽  
Estimation Algorithm ◽  
Estimation Methods ◽  
Security Evaluation ◽  
Side Channel ◽  
Data Sets ◽  
Key Recovery ◽  
Entropy Estimation

Guessing entropy (GE) is a widely adopted metric that measures the average computational cost needed for a successful side-channel analysis (SCA). However, with current estimation methods where the evaluator has to average the correct key rank over many independent side-channel leakage measurement sets, full-key GE estimation is impractical due to its prohibitive computing requirement. A recent estimation method based on posterior probabilities, although scalable, is not accurate.We propose a new guessing entropy estimation algorithm (GEEA) based on theoretical distributions of the ranking score vectors. By discovering the relationship of GE with pairwise success rates and utilizing it, GEEA uses a sum of many univariate Gaussian probabilities instead of multi-variate Gaussian probabilities, significantly improving the computation efficiency.We show that GEEA is more accurate and efficient than all current GE estimations. To the best of our knowledge, it is the only practical full-key GE evaluation on given experimental data sets which the evaluator has access to. Moreover, it can accurately predict the GE for larger sizes than the experimental data sets, providing comprehensive security evaluation.

Leakage squeezing: Optimal implementation and security evaluation

2014 ◽  
Vol 8 (3) ◽  
Author(s):  
Claude Carlet ◽  
Jean-Luc Danger ◽  
Sylvain Guilley ◽  
Houssem Maghrebi
Keyword(s):  
Power Analysis ◽  
Hamming Distance ◽  
Security Evaluation ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Correlation Power Analysis ◽  
Zero Offset ◽  
Sophisticated Analysis ◽  
Sensitive Variable ◽  
Optimal Implementation

AbstractHardware devices can be protected against side-channel attacks by introducing one random mask per sensitive variable. The computation throughout is unaltered if the shares (masked variable and mask) are processed concomitantly, in two distinct registers. Nonetheless, this setup can still be attacked if the side-channel is squared, because this operation causes an interference between the two shares. This more sophisticated analysis is referred to as a zero-offset second-order correlation power analysis (CPA) attack. When the device leaks in Hamming distance, the countermeasure can be improved by the “leakage squeezing”. It consists in manipulating the mask through a bijection, aimed at reducing the dependency between the shares' leakage. Thus

Side Channel Cube Attack on PRESENT

2009 ◽  
pp. 379-391 ◽  
Author(s):  
Lin Yang ◽  
Meiqin Wang ◽  
Siyuan Qiao
Keyword(s):  
Side Channel ◽  
Cube Attack

scholarly journals Security Evaluation Against Side-Channel Analysis at Compilation Time

2019 ◽  
pp. 129-148 ◽  
Author(s):  
Nicolas Bruneau ◽  
Charles Christen ◽  
Jean-Luc Danger ◽  
Adrien Facon ◽  
Sylvain Guilley
Keyword(s):  
Security Evaluation ◽  
Side Channel ◽  
Side Channel Analysis ◽  
Channel Analysis

scholarly journals Masked Accelerators and Instruction Set Extensions for Post-Quantum Cryptography

2021 ◽  
pp. 414-460
Author(s):  
Tim Fritzmann ◽  
Michiel Van Beirendonck ◽  
Debapriya Basu Roy ◽  
Patrick Karl ◽  
Thomas Schamberger ◽  
...  
Keyword(s):  
Quantum Cryptography ◽  
Research Effort ◽  
Security Evaluation ◽  
Side Channel ◽  
Instruction Set ◽  
First Order ◽  
Cycle Count ◽  
Instruction Set Extensions ◽  
Post Quantum Cryptography ◽  
Different Characteristics

Side-channel attacks can break mathematically secure cryptographic systems leading to a major concern in applied cryptography. While the cryptanalysis and security evaluation of Post-Quantum Cryptography (PQC) have already received an increasing research effort, a cost analysis of efficient side-channel countermeasures is still lacking. In this work, we propose a masked HW/SW codesign of the NIST PQC finalists Kyber and Saber, suitable for their different characteristics. Among others, we present a novel masked ciphertext compression algorithm for non-power-of-two moduli. To accelerate linear performance bottlenecks, we developed a generic Number Theoretic Transform (NTT) multiplier, which, in contrast to previously published accelerators, is also efficient and suitable for schemes not based on NTT. For the critical non-linear operations, masked HW accelerators were developed, allowing a secure execution using RISC-V instruction set extensions. With the proposed design, we achieved a cycle count of K:214k/E:298k/D:313k for Kyber and K:233k/E:312k/D:351k for Saber with NIST Level III parameter sets. For the same parameter sets, the masking overhead for the first-order secure decapsulation operation including randomness generation is a factor of 4.48 for Kyber (D:1403k)and 2.60 for Saber (D:915k).

Sign in / Sign up

Export Citation Format

Share Document