From Improved Leakage Detection to the Detection of Points of Interests in Leakage Traces

Leakage detection usually refers to the task of identifying data-dependent information in side-channel measurements, independent of whether this information can be exploited. Detecting Points-Of-Interest (POIs) in leakage traces is a complementary task that is a necessary first step in most side-channel attacks, where the adversary wants to turn this information into (e.g.) a key recovery. In this paper, we discuss the differences between these tasks, by investigating a popular solution to leakage detection based on a t-test, and an alternative method exploiting Pearson\u27s correlation coefficient. We first show that the simpler t-test has better sampling complexity, and that its gain over the correlation-based test can be predicted by looking at the Signal-to-Noise Ratio (SNR) of the leakage partitions used in these tests. This implies that the sampling complexity of both tests relates more to their implicit leakage assumptions than to the actual statistics exploited. We also put forward that this gain comes at the cost of some intuition loss regarding the localization of the exploitable leakage samples in the traces, and their informativeness. Next, and more importantly, we highlight that our reasoning based on the SNR allows defining an improved t-test with significantly faster detection speed (with approximately 5 times less measurements in our experiments), which is therefore highly relevant for evaluation laboratories. We finally conclude that whereas t-tests are the method of choice for leakage detection only, correlation-based tests exploiting larger partitions are preferable for detecting POIs. We confirm this intuition by improving automated tools for the detection of POIs in the leakage measurements of a masked implementation, in a black box manner and without key knowledge, thanks to a correlation-based leakage detection test

Towards fair evaluation and intellectual property protection of cryptographic implementations

With the emergence of the internet of things, the research surrounding the design of cryptographic algorithms suited for constrained environments has rapidly gained ground. This fast development of new security primitives and their implementation on electronic devices has led to several concerns in terms of fair evaluation, physical security and protection of their intellectual property (IP). These can be summarized with the following questions: 1. How can we fairly compare the performances of algorithms? How do lightweight algorithms compare to the standard ones? What is the impact of design choices on the implementation results? 2. To what extent do countermeasures against side-channel attacks (SCA) improve security and at which cost? What is the impact of new technologies on the physical security and efficiency of cryptographic implementations? 3. How to protect IPs in a way that is both flexible and secure? To answer these questions, we first propose different evaluation frameworks which allow us to compare the efficiency of cryptographic algorithms. From the obtained results, we extract some general design guidelines and show that normalized metrics (such as energy) are generally more illustrative. We then come up with more efficient implementations of the shuffling countermeasure which is an important solution to improve security against SCA. We also present the first implementation of the randomized look up table countermeasure. Finally, we propose a new flexible IP protection infrastructure exploiting the implementation power consumption as a signature.(FSA - Sciences de l) -- UCL, 201

A Survey of Recent Results in FPGA Security and Intellectual Property protection

Field Programmable Gate Arrays (FPGAs) are reconfigurable devices which have emerged as an interesting trade-off between the efficiency of Application Specific Integrated Circuits (ASICs) and the versatility of standard microprocessors [81]. Progresses over the last 10 years have improved their capabilities to the point where they can hold a complete System on a Chip (SoC) and thus become an attractive platform for an increasing number of applications (e.g. signal processing, image processing, aerospace, . . . ). In view of the important data manipulated by these devices, but also of the high amount of Intellectual Property (IP) they may contain, security-related questions have arisen. First, can we use FPGAs as security devices for e.g. securely and efficiently encrypting sensitive data (in particular when compared to software solutions)? Second, how can we guarantee that the IP corresponding to FPGA designs is protected (i.e. cannot be easily counterfeited)? Such questions have been the target of a large number of papers in literature, including several surveys, e.g. [13, 71, 83]. In this chapter, we take another look at them and review a number of important recent results related to security IPs and IP security in modern reconfigurable devices. The chapter is structured in three main sections. First, we brie y describe the structure of recent FPGAs. Next, we discuss security IPs in FPGAs, taking the example of symmetric encryption with the AES Rijndael, and including their performance evaluations and resistance against physical attacks. Finally, we emphasize recent trends for improving IP security in FPGAs, including bitstream security, the use of code watermarking techniques and the exploitation of Physically Unclonable Functions (PUFs)

Support Vector Machines for Improved IP Detection with Soft Physical Hash Functions

Side-channel analysis is a powerful tool to extract secret information from microelectronic devices. Its most frequently considered application is destructive, i.e. key recovery attacks against cryptographic implementations. More recently, it has also been considered constructively, in the context of intellectual property protection/detection, e.g. through the use of side-channel based watermarks or soft physical hash functions. The latter solution is interesting from the application point-of-view, because it does not require any modification of the designs to protect (hence it implies no performance losses). Previous works in this direction have exploited simple (correlation-based) statistical tools in different (more or less challenging) scenarios. In this paper, we investigate the use of support vector machines for this purpose. We first argue that their single-class extension is naturally suited to the problem of intellectual property detection. We then show experimentally that they allow dealing with more complex scenarios than previously published, hence extending the relevance and applicability of soft physical hash functions

Towards a Formal IoT Security Model

The heterogeneity of Internet of Things (IoT) systems has so far prevented the definition of adequate standards, hence making it difficult to compare meaningfully the security degree of diverse architectural choices. This task can be nonetheless achieved with formal methodologies. However, the dedicated IoT literature shows no evidence of a universal model allowing the security evaluation of any arbitrary system. Based on these considerations, we propose a new model that aims at being global and all-encompassing. Our model can be used to fairly analyse the security level of different IoT systems and compare them in a significant way. It is designed to be adaptive with realistic definitions of the adversary’s (1) actions of interacting with IoT systems; (2) capabilities of accessing the data generated by and exchanged in IoT systems with established rules; and (3) objectives of attacking IoT systems according to the four recognised security properties of confidentiality, integrity, availability and soundness. Such a design enables the straightforward characterization of new adversaries. It further helps in providing a fine-grained security evaluation of IoT systems by either accurately describing attacks against the analysed systems or formally proving their guaranteed level of security

CAESAR candidate SCREAM

International audienc

SCREAM & iSCREAM: Side-Channel Resistant Authenticated Encryption with Masking

Submission to the CAESAR competitio

Intellectual Property Protection for Integrated Systems Using Soft Physical Hash Functions

Intellectual property right violations are an important problem for integrated system designers. We propose a new solution for mitigating such violations, denoted as soft physical hash functions. It combines previously introduced ideas of soft hash functions (in the field of image processing) and side-channel leakage (in the field of cryptographic hardware). For this purpose, we first introduce and formalize the components of an intellectual property detection infrastructure using soft physical hash functions. Next, we discuss its advantages over previous proposals aiming at similar goals. The most important point here is that the proposed technique can be applied to already deployed products. Finally, we validate our approach with a first experimental study

Intellectual property protection for FPGA designs with soft physical hash functions: First experimental results

The use of Soft Physical Hash (SPH) functions has been recently introduced as a flexible and efficient way to detect Intellectual Property (IP) cores in microelectronic systems. Previous works have mainly investigated software IP to validate this approach. In this paper, we extend it towards the practically important case of FPGA designs. Based on experiments, we put forward that SPH functions-based detection is a promising and low-cost solution for preventing anti-counterfeiting, as it does not require any a-priori modification of the design flow. In particular, we illustrate its performances with stand-alone FPGA designs, re-synthetized FPGA designs, and in the context of parasitic IPs running in parallel