Traditionally, cryptography views cryptographic schemes as black-boxes. An adversary may have access to its inputs and outputs, but the internal computation within the box stays secret. Unfortunately, many real-world attacks have illustrated that the black-box model is overly optimistic. So-called side-channel attacks exploit the physical nature of cryptographic implementations and break security by, e.g., measuring the device's power consumption, its running time, or by inducing faults into the computation. This fundamental gap between black-box security analysis and physical reality has inspired a large body of recent work on leakage resilient cryptography.
While results on the theory of leakage resilient cryptography certainly show that weakening the black-box assumption is possible, prominent criticism has been raised arguing that security proofs in these models say little about the actual security against relevant side-channel attacks. Hence, they are only of very limited use to guide cryptographic engineers when designing secure cryptographic implementations. Important shortcomings of the current-state-of-the-art range from fundamental issues with the current modeling approach to the fact that proposed schemes are too inefficient or neglect implementation details.
The goal of this project is to resolve these shortcomings and develop a sound theory for physical security based on the proof-driven design approach. To take the next step towards a proof-driven design approach for physical security, we will work on three main objectives: (1) Better models and constructions for masking schemes, (2) better designs for leakage resilient symmetric cryptography, and (3) the development of a computer-aided physical security analysis.
Call for proposal
See other projects for this call