Leakage Certification Revisited: Bounding Model Errors in Side-Channel Security Evaluations

2019 ◽  
pp. 713-737 ◽  
Author(s):  
Olivier Bronchain ◽  
Julien M. Hendrickx ◽  
Clément Massart ◽  
Alex Olshevsky ◽  
François-Xavier Standaert
Keyword(s):  
Side Channel ◽  
Model Errors ◽  
Security Evaluations ◽  
Bounding Model

scholarly journals Side-Channel Countermeasures’ Dissection and the Limits of Closed Source Security Evaluations

2020 ◽  
pp. 1-25 ◽  
Author(s):  
Olivier Bronchain ◽  
François-Xavier Standaert
Keyword(s):  
Machine Learning ◽  
Open Source ◽  
Side Channel ◽  
Learning Tools ◽  
Side Channel Attacks ◽  
Data Dependencies ◽  
Security Evaluations ◽  
Systèmes D’Information ◽  
Closed Source ◽  
Leakage Assessment

We take advantage of a recently published open source implementation of the AES protected with a mix of countermeasures against side-channel attacks to discuss both the challenges in protecting COTS devices against such attacks and the limitations of closed source security evaluations. The target implementation has been proposed by the French ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) to stimulate research on the design and evaluation of side-channel secure implementations. It combines additive and multiplicative secret sharings into an affine masking scheme that is additionally mixed with a shuffled execution. Its preliminary leakage assessment did not detect data dependencies with up to 100,000 measurements. We first exhibit the gap between such a preliminary leakage assessment and advanced attacks by demonstrating how a countermeasures’ dissection exploiting a mix of dimensionality reduction, multivariate information extraction and key enumeration can recover the full key with less than 2,000 measurements. We then discuss the relevance of open source evaluations to analyze such implementations efficiently, by pointing out that certain steps of the attack are hard to automate without implementation knowledge (even with machine learning tools), while performing them manually is straightforward. Our findings are not due to design flaws but from the general difficulty to prevent side-channel attacks in COTS devices with limited noise. We anticipate that high security on such devices requires significantly more shares.

scholarly journals Breaking Masked Implementations with Many Shares on 32-bit Software Platforms

2021 ◽  
pp. 202-234
Author(s):  
Olivier Bronchain ◽  
François-Xavier Standaert
Keyword(s):  
Positive Impact ◽  
Side Channel ◽  
Lightweight Cryptography ◽  
Key Recovery ◽  
Information Theoretic ◽  
Maximum Security ◽  
Software Implementations ◽  
Software Platforms ◽  
Security Evaluations ◽  
Security Guarantees

We explore the concrete side-channel security provided by state-of-theart higher-order masked software implementations of the AES and the (candidate to the NIST Lightweight Cryptography competition) Clyde, in ARM Cortex-M0 and M3 devices. Rather than looking for possibly reduced security orders (as frequently considered in the literature), we directly target these implementations by assuming their maximum security order and aim at reducing their noise level thanks to multivariate, horizontal and analytical attacks. Our investigations point out that the Cortex-M0 device has so limited physical noise that masking is close to ineffective. The Cortex-M3 shows a better trend but still requires a large number of shares to provide strong security guarantees. Practically, we first exhibit a full 128-bit key recovery in less than 10 traces for a 6-share masked AES implementation running on the Cortex-M0 requiring 232 enumeration power. A similar attack performed against the Cortex-M3 with 5 shares require 1,000 measurements with 244 enumeration power. We then show the positive impact of lightweight block ciphers with limited number of AND gates for side-channel security, and compare our attacks against a masked Clyde with the best reported attacks of the CHES 2020 CTF. We complement these experiments with a careful information theoretic analysis, which allows interpreting our results. We also discuss our conclusions under the umbrella of “backwards security evaluations” recently put forwards by Azouaoui et al. We finally extrapolate the evolution of the proposed attack complexities in the presence of additional countermeasures using the local random probing model proposed at CHES 2020.

scholarly journals Experimental Robust Control of Structural Acoustic Radiation

1999 ◽  
Vol 121 (4) ◽  
pp. 433-439 ◽  
Author(s):  
D. E. Cox ◽  
G. P. Gibbs ◽  
R. L. Clark ◽  
J. S. Vipperman
Keyword(s):  
Robust Control ◽  
Ad Hoc ◽  
Acoustic Radiation ◽  
Experimental Results ◽  
Model Errors ◽  
Control Effort ◽  
Acoustic Control ◽  
Uncertainty Model ◽  
Bounding Model ◽  
Control Designs

This work addresses the design and application of robust controllers for structural acoustic control. Both simulation and experimental results are presented. H∞ and μ-synthesis design methods were used to design feedback controllers which minimize power radiated from a panel while avoiding instability due to unmodeled dynamics. Specifically, high-order structural modes which couple strongly to the actuator-sensor path were poorly modeled. This model error was analytically bounded with an uncertainty model which allowed controllers to be designed without artificial limits on control effort. It is found that robust control methods provide the control designer with physically meaningful parameters with which to tune control designs and can be very useful in determining limits of performance. However, experimental results also showed poor robustness properties for control designs with ad-hoc uncertainty models. The importance of quantifying and bounding model errors is discussed.

scholarly journals Understanding the limitations and improving the relevance of SPICE simulations in side-channel security evaluations

2014 ◽  
Vol 4 (3) ◽  
pp. 187-195 ◽  
Author(s):  
Dina Kamel ◽  
Mathieu Renauld ◽  
Denis Flandre ◽  
François-Xavier Standaert
Keyword(s):  
Side Channel ◽  
Security Evaluations

scholarly journals Constructing Keyed Hash Algorithm Using Enhanced Chaotic Map with Varying Parameter

2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Hongjun Liu ◽  
Abdurahman Kadir ◽  
Chao Ma ◽  
Chengbo Xu
Keyword(s):  
Chaotic Map ◽  
Side Channel ◽  
Side Channel Attack ◽  
Transient Effect ◽  
Quadratic Map ◽  
Initial Values ◽  
Hash Algorithm ◽  
Parameter Sequence ◽  
Security Evaluations

A keyed hash algorithm is proposed based on 1-D enhanced quadratic map (EQM) with varying parameter. Three measures, including assigning unique one-time keys, key expansion, and hash length extension, are taken to enhance its security. First, the message is transformed into a parameter sequence for the EQM to be absorbed, and then the extended keys are generated as the initial values of the EQM. Finally, the EQM is iterated with redundant loops to transform the variable values into a hash value. The algorithm is so flexible that it can generate hash value with different lengths of 256, 512, 1024, or more bits through a parameter switcher, and redundant loops can eliminate the transient effect of chaos and mitigate the increasing threat of the side-channel attack. Security evaluations and comparison demonstrated its practicability and reliability.

Recent Research Trends in Side Channel Attack on Cryptographic Modules and its Countermeasure

2012 ◽  
Vol 132 (1) ◽  
pp. 9-12
Author(s):  
Yu-ichi Hayashi ◽  
Naofumi Homma ◽  
Takaaki Mizuki ◽  
Takafumi Aoki ◽  
Hideaki Sone
Keyword(s):  
Research Trends ◽  
Side Channel ◽  
Side Channel Attack

A Fast Power Current Simulation of Cryptographic VLSI Circuits for Side Channel Attack Evaluation

2013 ◽  
Vol E96.A (12) ◽  
pp. 2533-2541
Author(s):  
Daisuke FUJIMOTO ◽  
Toshihiro KATASHITA ◽  
Akihiko SASAKI ◽  
Yohei HORI ◽  
Akashi SATOH ◽  
...  
Keyword(s):  
Vlsi Circuits ◽  
Side Channel ◽  
Side Channel Attack ◽  
Fast Power
Sign in / Sign up

Export Citation Format

Share Document