Skip to main content

Security Without Obscurity for Reliable Devices

Periodic Reporting for period 2 - SWORD (Security Without Obscurity for Reliable Devices)

Reporting period: 2019-03-01 to 2020-08-31

Cryptographic implementations are traditionally evaluated based on a trade-off between security and efficiency. However, when it comes to physical security against attacks exploiting side-channel leakages or fault insertions, this approach is limited by the difficulty to define the adversaries (e.g. their knowledge about the target implementation) and to specify sound physical assumptions. Quite naturally, the problem becomes even more challenging in contexts where implementations can be maliciously modified during design or fabrication via so-called hardware Trojans. The goal of the SWORD project is to design cryptographic implementations by relying on physical assumptions that can be empirically verified, in order to obtain sound security guarantees based on mathematical proofs or arguments. Additionally, the empirical verification of physical assumptions is aimed to become more transparent, by considering open source hardware and software. By allowing adversaries and evaluators to know implementation details, we expect to enable a better understanding of the fundamentals of physical security, therefore leading to improved security, efficiency and trust in the longer term. That is, we hope to establish security guarantees based on a good understanding of the physics, rather than the (relative) misunderstanding caused by closed systems as currently deployed in most applications.
An overview of the project’s achievements during its first half can be found in an invited talk given by the PI at Eurocrypt 2019:

Overall, the projects’ achievements are in four directions: mathematical aspects: primitives & definitions, physical assumptions, open source hardware and software and evaluation & verification. Strong achievements have been obtained in all directions, as suggested by the list of papers published. In summary, the main advances can be described as follows:

For the mathematical aspects, strong efforts have been paid towards understanding security definitions for leakage-resistant authenticated encryption and designs that can satisfy this definition. Our team also invested significant time in extending the formal analysis of masking schemes (in terms of composability and resistance against physical defaults).

The understanding of the noise and independence assumptions that are required for algorithmic countermeasures such as masking to deliver security were at the core of our investigation regarding physical assumptions, together with the analysis of new learning problems (in particular the Learning Parity with Physical Noise problem).

Most of our ideas were tested based on open prototype implementations. This includes software (e.g. ARM Cortex) and FPGA implementations, but also the tape out of a chip that we plan to analyze in the coming months in terms of the leakage noise it provides.

Finally, the sound evaluation of physical security remains an important challenge. Major steps have been obtained in order to enable strict bounds for the information leakage of an implementation (and several other results to pinpoint limitations in other approaches).
Many additional results for the different directions are expected for the end of the project. Most of the papers we published in important venues end with challenging open questions that we plan to tackle. This includes a clarification/simplification and connection to practice of the definitions of leakage-resistant authenticated encryption, the design of efficient masking schemes that are both glitch-resistant and composable at arbitrary orders (as we showed that existing solutions for this purpose are flawed), or the extension of advanced evaluation methodologies to bound the information leakage (via certification of statistical tools such as soft analytical side-channel attacks, possibly with shortcut solutions).

Most importantly, we intend to combine these advances in complete solutions for side-channel resistant authenticated encryption. One part of this result is the Spook proposal ( that has been submitted to the NIST Lightweight Cryptography competition. Based on this (and possibly other) algorithm, we plan to develop leveled implementations that we will make available to public audits via cryptanalysis challenges.