Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Side-Channel Attacks on SHA-1-Based Product Authentication ICs Kapitel lesen Erstes Kapitel lesen

2016 | OriginalPaper | Buchkapitel

Comparing Approaches to Rank Estimation for Side-Channel Security Evaluations

verfasst von : Romain Poussier, Vincent Grosso, François-Xavier Standaert

Erschienen in: Smart Card Research and Advanced Applications

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Rank estimation is an important tool for side-channel evaluations laboratories. It allows determining the remaining security after an attack has been performed, quantified as the time complexity required to brute force the key given the leakages. Several solutions to rank estimation have been introduced in the recent years. In this paper, we first clarify the connections between these solutions, by organizing them according to their (maximum likelihood or weak maximum likelihood) strategy and whether they take as argument a side-channel distinguishers’ output or some evaluation metrics. This leads us to introduce new combinations of these approaches, and to discuss the use of weak maximum likelihood strategies for suboptimal but highly parallel enumeration. Next, we show that the different approaches to rank estimation can also be implemented with different mixes of very similar tools (e.g. histograms, convolutions, combinations and subsampling). Eventually, we provide various experiments allowing to discuss the pros and cons of these different approaches, hence consolidating the literature on this topic.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel From Code Review to Fault Injection Attacks: Filling the Gap Using Fault Model Inference
Nächstes Kapitel Collision for Estimating SCA Measurement Quality and Related Applications
Anhänge
Nur mit Berechtigung zugänglich
Fußnoten
1
Their “Polynomial Rank Outlining” algorithm can be viewed as similar to the FSE 2015 one, by considering the multiplication of two polynomials as the convolution of coefficient vectors, and the coefficient in the polynomials as histogram counts.
 
2
Quite naturally, metrics such as the subkey success rates also need to be sampled somehow. So the term “metric-based” only refers to the type of inputs provided to the rank estimation algorithms, to be compared with the sampling-based approach where the sampled probabilities output by a side-channel attack are used directly.
 
3
By contrast, one could typically imagine a scenario where the scores obtained from a CPA lead to a correlation 0.2 for a subkey that is known with high confidence and the same correlation of 0.2 for a subkey that is not know at all – because of different Signal-to-Noise Ratios. In this case, the key enumeration and rank estimation algorithms will not be able to list keys optimally. Quite naturally, it is possible to mitigate such issues by outputing the p-values of the CPA distinguisher, but this requires making additional assumptions on its distribution, and eventually corresponds to a type of profiling which would then allow evaluators to directly estimate probabilities. So in general, we believe it is advisable to directly use probability-based distinguishers for optimal key enumeration and rank estimation algorithms.
 
4
Together with its analog in [1] which would yield very similar performances.
 
5
The algorithm by Ye et al. could be used as a sightly more accurate alternative. However, as our proposal, it can only provide a lower bound on the success rate because it is based on a wML approach. We focused on the EUROCRYPT 2015 heuristic because of its simplicity and connections with the other solutions of Table 2.
 
Literatur
1.
Bernstein, D.J., Lange, T., van Vredendaal, C.: Tighter, faster, simpler side-channel security evaluations beyond computing power. IACR Cryptol. ePrint Arch. 2015, 221 (2015)
2.
Bogdanov, A., Kizhvatov, I., Manzoor, K., Tischhauser, E., Witteman, M.: Fast and memory-efficient key recovery in side-channel attacks. IACR Cryptol. ePrint Arch. 2015, 795 (2015)
3.
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)CrossRef
4.
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRef
5.
Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 401–429. Springer, Heidelberg (2015)
6.
Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 459–476. Springer, Heidelberg (2014)CrossRef
7.
Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: 49th Annual IEEE Symposium on Foundations of Computer Science, FOCS 25–28, 2008, Philadelphia, PA, USA, pp. 293–302. IEEE Computer Society, October 2008
8.
Glowacz, C., Grosso, V., Poussier, R., Schueth, J., Standaert, F.-X.: Simpler and more efficient rank estimation for side-channel security assessment. IACR Cryptol. ePrint Arch. 2014, 920 (2014)
9.
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRef
10.
Martin, D.P., O’Connell, J.F., Oswald, E., Stam, M.: How to enumerate your keys accurately and efficiently after a side channel attack. IACR Cryptol. ePrint Arch. 2015, 689 (2015)
11.
Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005)CrossRef
12.
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)CrossRef
13.
Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An Optimal Key Enumeration Algorithm and Its Application to Side-Channel Attacks. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 390–406. Springer, Heidelberg (2013)CrossRef
14.
Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 126–141. Springer, Heidelberg (2013)CrossRef
15.
Ye, X., Eisenbarth, T., Martin, W.: Bounded, yet sufficient? How to determine whether limited side channel information enables key recovery. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 215–232. Springer, Heidelberg (2015)
Metadaten
Titel
Comparing Approaches to Rank Estimation for Side-Channel Security Evaluations
verfasst von
Romain Poussier
Vincent Grosso
François-Xavier Standaert
Copyright-Jahr
2016
Buch
Smart Card Research and Advanced Applications

Print ISBN: 978-3-319-31270-5

Electronic ISBN: 978-3-319-31271-2

Copyright-Jahr: 2016

DOI
https://doi.org/10.1007/978-3-319-31271-2_8