Intervention in old quarters of towns and cities
Making Masking Security Proofs Concrete - Or How to Evaluate the Security of any Leaking Device
We investigate the relationships between theoretical studies of leaking cryptographic devices and concrete security evaluations with standard side-channel attacks. Our contributions are in four parts. First, we connect the formal analysis of the masking countermeasure proposed by Duc et al. (Eurocrypt 2014) with the Eurocrypt 2009 evaluation framework for side-channel key recovery attacks. In particular, we re-state their main proof for the masking countermeasure based on a mutual information metric, which is frequently used in concrete physical security evaluations. Second, we discuss the tightness of the Eurocrypt 2014 bounds based on experimental case studies. This allows us to conjecture a simplified link between the mutual information metric and the success rate of a side-channel adversary, ignoring technical parameters and proof artifacts. Third, we introduce heuristic (yet well-motivated) tools for the evaluation of the masking countermeasure when its independent leakage assumption is not perfectly fulfilled, as is frequently encountered in practice. Thanks to these tools, we argue that masking with non-independent leakages may provide improved security levels in certain scenarios. Eventually, we consider the tradeoff between measurement complexity and key enumeration in divide-and-conquer side-channel attacks, and show that it can be predicted based on the mutual information metric, by solving a non-linear integer programming problem for which efficient solutions exist. The combination of these observations enables significant reductions of the evaluation costs for certification bodies.
Compiler Assisted Masking
Differential Power Analysis (DPA) attacks find a statistical correlation between the power consumption of a cryptographic device and intermediate values within the computation. Randomization via (Boolean) masking of intermediate values breaks this statistical dependence and thus prevents such attacks (at least up to a certain order). Especially for software implementations, (first-order) masking schemes are popular in academia and industry, albeit typically not as the sole countermeasure. The current practice then is to manually 'insert' Boolean masks: essentially software developers need to manipulate low-level assembly language to implement masking. In this paper we make a first step to automate this process, at least for first-order Boolean masking, allowing the development of compilers capable of protecting programs against DPA.
Monomial Evaluation of Polynomial Functions Protected by Threshold Implementations: With an Illustration on AES
In the context of side-channel countermeasures, threshold implementations (TI) were introduced in 2006 by Nikova et al. to defeat attacks in the presence of hardware effects called glitches. On several aspects, TI may be seen as an extension of another classical side-channel countermeasure, called masking, which is essentially based on the sharing of any internal state of the processing into independent parts (or shares). Among the properties of TI, uniform distribution of input and output shares is generally the most complicated to satisfy. Usually, this property is achieved by generating fresh randomness throughout the execution of the protected algorithm (e.g. the AES block cipher). In this paper, we combine the changing of the guards technique published by Daemen at CHES 2017 (which reduces the need for fresh randomness) with the work of Genelle et al. at CHES 2011 (which combines Boolean masking and multiplicative masking) to propose a new TI without fresh randomness that is well suited to Substitution-Permutation Networks. As an illustration, we develop our proposal for the AES block cipher, and more specifically its non-linear part, implemented by means of a field inversion. In this particular context, we argue that our proposal is a valuable alternative to the state-of-the-art solutions. More generally, it has the advantage of being easily applicable to the evaluation of any polynomial function, which was usually not the case for previous solutions.
Simulatable Leakage: Analysis, Pitfalls, and New Constructions
In 2013, Standaert et al. proposed the notion of simulatable leakage to connect theoretical leakage resilience with the practice of side channel attacks. Their use of simulators, based on physical devices, to support proofs of leakage resilience allows verification of underlying assumptions: the indistinguishability game, involving real vs. simulated leakage, can be 'played' by an evaluator. Using a concrete, block cipher based leakage resilient PRG and a high-level simulator definition (based on concatenating two partial leakage traces), they included detailed reasoning why said simulator (for AES-128) resists state-of-the-art side channel attacks.

In this paper, we demonstrate a distinguisher against their simulator and thereby falsify their hypothesis. Our distinguishing technique, which is evaluated using concrete implementations of the Standaert et al. simulator on several platforms, is based on 'tracking' consistency (resp. identifying simulator inconsistencies) in leakage traces by means of cross-correlation. In an attempt to rescue the approach, we propose several alternative simulator definitions based on splitting traces at points of low intrinsic cross-correlation. Unfortunately, these come with significant caveats, and we conclude that the most natural way of producing simulated leakage is by using the underlying construction 'as is' (but with a random key).
Valier, Agostino
Bio-bibliographical profile of Cardinal Agostino Valier