International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version)

Authors:
François-Xavier Standaert
Tal G. Malkin
Moti Yung
Download:
URL: http://eprint.iacr.org/2006/139
Search ePrint
Search Google
Abstract: The fair evaluation and comparison of side-channel attacks and countermeasures has been a long standing open question, limiting further developments in the field. Motivated by this challenge, this work makes a step in this direction and proposes a framework for the analysis of cryptographic implementations that includes a theoretical model and an application methodology. The model is based on commonly accepted hypotheses about side-channels that computations give rise to. It allows quantifying the effect of practically relevant leakage functions with a combination of information theoretic and security metrics, measuring the quality of an implementation and the strength of an adversary, respectively. From a theoretical point of view, we demonstrate formal connections between these metrics and discuss their intuitive meaning. From a practical point of view, the model implies a unified methodology for the analysis of side-channel key recovery attacks. The proposed solution allows getting rid of most of the subjective parameters that were limiting previous specialized and often ad hoc approaches in the evaluation of physically observable devices. It typically determines the extent to which basic (but practically essential) questions such as "How to compare two implementations?" or "How to compare two side-channel adversaries?" can be answered in a sound fashion.
BibTeX
@misc{eprint-2006-21632,
  title={A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version)},
  booktitle={IACR Eprint archive},
  keywords={implementations, physically observable cryptography, side-channel attacks, block ciphers, information theory},
  url={http://eprint.iacr.org/2006/139},
  note={in the proceedings of Eurocrypt 2009, Lecture Notes in Computer Science, vol 5479, pp 443-461, Cologne, Germany, April 2009. fstandae@uclouvain.be 14405 received 9 Apr 2006, last revised 10 Jun 2009},
  author={François-Xavier Standaert and Tal G. Malkin and Moti Yung},
  year=2006
}