Side-channel attacks are an important threat against cryptographic implementations in which an adversary takes advantage of physical leakages, such as the power consumption of a smart card, in order to recover secret information. By circumventing the models in which standard security proofs are obtained, they can lead to powerful attacks against a large class of devices. As a consequence, formalizing implementation security and efficiently preventing side-channel attacks is one of the most challenging open problems in modern cryptography. Physical attacks imply new optimization criteria, with potential impact on the way we conceive algorithms and the way we design circuits. By putting together mathematical and electrical engineering problems, just as they are raised in reality, the CRASH project is expected to develop concrete basements for the next generation of cryptographic algorithms and their implementation. For this purpose, three main directions will be considered. First, we will investigate sound evaluation tools for side-channel attacks and validate them on different prototype chips. Second, we will consider the impact of physical attacks on the mathematical aspects of cryptography, both destructively (i.e. by developing new attacks and advanced cryptanalysis tools) and constructively (i.e. by investigating new cipher designs and security proof techniques). Third, we will evaluate the possibility to integrate physical security analysis into the design tools of integrated circuits (e.g. in order to obtain “physical security aware” compilers). Summarizing, this project aims to break the barrier between the abstractions of mathematical cryptography and the concrete peculiarities of physical security in present microelectronic devices. By considering the system and algorithmic issues in a unified way, it is expected to get rid of the incompatibilities between the separate formalisms that are usually considered in order to explain these concurrent realities.
Field of science
- /natural sciences/computer and information sciences/computer security/cryptography
- /engineering and technology/electrical engineering, electronic engineering, information engineering/electrical engineering
Call for proposal
See other projects for this call