International Association for Cryptologic Research

International Association
for Cryptologic Research


MCRank: Monte Carlo Key Rank Estimation for Side-Channel Security Evaluations

Giovanni Camurati , ETH Zurich, Zurich, Switzerland
Matteo Dell’Amico , University of Genoa, Genoa, Italy
François-Xavier Standaert , UC Louvain, Louvain, Belgium
DOI: 10.46586/tches.v2023.i1.277-300
Search ePrint
Search Google
Abstract: Key rank estimation provides a measure of the effort that the attacker has to spend bruteforcing the key of a cryptographic algorithm, after having gained some information from a side channel attack. We present MCRank, a novel method for key rank estimation based on Monte Carlo sampling. MCRank provides an unbiased estimate of the rank and a confidence interval. Its bounds rapidly become tight for increasing sample size, with a corresponding linear increase of the execution time. When applied to evaluate an AES-128 implementation, MCRank can be orders of magnitude faster than the state-of-the-art histogram-based enumeration method for comparable bound tightness. It also scales better than previous work for large keys, up to 2048 bytes. Besides its conceptual simplicity and efficiency, MCRank can assess for the first time the security of large keys even if the probability distributions given the side channel leakage are not independent between subkeys, which occurs, for example, when evaluating the leakage security of an AES-256 implementation.
  title={MCRank: Monte Carlo Key Rank Estimation for Side-Channel Security Evaluations},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2023, Issue 1},
  author={Giovanni Camurati and Matteo Dell’Amico and François-Xavier Standaert},