CryptoDB
Formal Definition and Verification for Combined Random Fault and Random Probing Security
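Authors: | Sonia Belaïd, Jakob Feldtkeller, Tim Güneysu, Anna Guinet, Jan Richter-Brockmann, Matthieu Rivain, Pascal Sasdrich, Abdul Rahman Taleb |
---|---|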
Conference: | ASIACRYPT 2024 |
Abstract: | In our highly digitalized world, an adversary is not constrained to purely digital attacks but can monitor or influence the physical execution environment of a target computing device. Such side-channel or fault-injection analysis poses a significant threat to otherwise secure cryptographic implementations. Hence, it is important to consider additional adversarial capabilities when analyzing the security of cryptographic implementations besides the default black-box model. For side-channel analysis, this is done by providing the adversary with knowledge of some internal values, while for fault-injection analysis the capabilities of the adversaries include manipulation of some internal values. In this work, we extend probabilistic security models for physical attacks, by introducing a general random probing model and a general random fault model to capture arbitrary leakage and fault distributions, as well as the combination of these models. Our aim is to enable a more accurate modeling of low-level physical effects. We then analyze important properties, such as the impact of adversarial knowledge on faults and compositions, and provide tool-based formal verification methods that allow the security assessment of design components. These methods are introduced as extension of previous tools VERICA and IronMask which are implemented, evaluated and compared. |
BibTeX
@inproceedings{asiacrypt-2024-34610,
  title={Formal Definition and Verification for Combined Random Fault and Random Probing Security},
  publisher={Springer-Verlag},
  author={Sonia Belaïd and Jakob Feldtkeller and Tim Güneysu and Anna Guinet and Jan Richter-Brockmann and Matthieu Rivain and Pascal Sasdrich and Abdul Rahman Taleb},
  year=2024
}