The Side-channel Metrics Cheat Sheet

Abstract
Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have been adopted or defined to express and quantify side-channel security. These metrics can relate to one another, but can also conflict in terms of effectiveness, assumptions, and security goals. In this work, we review the most commonly used metrics in the field of side-channel analysis. We provide a self-contained presentation of each metric, along with a discussion of its limitations. We demonstrate the metrics in practice on relevant implementations of the Advanced Encryption Standard (AES), and make the software implementation of the presented metrics available to the community as open source. This work goes beyond a survey of the current status of metrics: it will allow researchers and practitioners to produce a well-informed security evaluation through a better understanding of the metrics that support and summarize it.