Skip to main content

Robust and Efficient Approaches to Evaluating Side Channel and Fault Attack Resilience

Leistungen

White paper on security testing via simulators

This deliverable will explain the use of the novel leakage simulation technique and its potential for integration with dynamic testing of code (i.e. compilation and testing); it will be targeted to developers in the IoT domain.

Interim report on shortcut formulas

This deliverable will explain the use of shortcut formulas to make statements about leakage properties of implementations.

White Paper on Assurance in Security Evaluations

This is an external deliverable written in the style of a white paper. It will summarise findings around the statistical confidence issues and the optimality of the evaluation approaches. A particular focus will be set on listing the parts of an evaluation that can be efficiently automated and the ones that require expert engineers.

White paper on shortcut formulas

This deliverable is based on D2.1 but will explain the use of shortcut formulas to make statements about leakage properties of implementations to non-experts.

Data management plan

Policy for the management of research data generated during the project.

Interim portfolio of best methods and improved evaluation techniques

This deliverable will provide an update on the portfolio of improved evaluation techniques and their figures of merit.

Report on automation

This is an update and final version of D2.2.

Report on instruction level profiling

This deliverable will detail the methodologies to create accurate instruction-level profiles, illustrated on the example of a popular processor (we envision to base our work on the ARM Cortex-M0.

Interim report on automation

This deliverable will describe which evaluation steps can be safely automated and how.

Final report on standardization

This deliverable covers the effort by the consortium regarding standardisation in over the entire project. It will be publicly available and hence outline the activities and progress without revealing confidential information from the previous deliverables.

Final report on automation

Update of D2.5 addressing Deep Learning methods.

Final report on tools

This deliverable will summarise all work done with regards to producing practically relevant tools. It is intended to be a technical description and discuss implementation options taken alongside the analytical (i.e. theoretical) progress made on a level that is accessible for the relevant stakeholders. It will also communicate how these tools can be used effectively and place considerable emphasis on communicating best practice with regards to producing reliable evidence for the the effectiveness of ‘new attacks’.

White Paper on Evaluation Strategies for AES and ECC.

This is a deliverable written in the style of a white paper. It will summarise definitions and metrics, and give guidance as to how they can be usefully employed in practical evaluations. It will also contain proposals for sound evaluation strategies for some implementation options of AES and ECC. The document will be aimed at practitioners working in industry as well as evaluation labs, and it will be publicised via the appropriate venues.

Report on dissemination activities

Report summarizing the other dissemination activities foreseen by the dissemination plan (cf. Sec. 2.2.1), such as publications, actions towards specific stake holders (JHAS, EMVco, . . . ), yearly briefings, etc.

Final project report

This final report will comply with the Guidance Notes on Project Reporting for H2020 Collaborative Projects, i.e. “A final publishable summary report, a plan for use and dissemination of foreground and a report on societal implications shall be established at the end of the project. The publishable summary should address a wide audience, including the general public and the final report on use and dissemination of foreground should, where appropriate, be an update of the initial plan in Annex I for use and dissemination of foreground and be consistent with the report on societal implications on the use and dissemination of foreground”.

Final portfolio of best methods and improved evaluation techniques

This deliverable will provide the final portfolio of improved evaluation techniques and their figures of merit.

Data sets for ECC implementations

This deliverable contains several data sets of ECC implementations. A data set consists of a description of the device under attack, implementation archtitectures, measurement parameters, alongside leakage traces, inputs/outputs, and used randomness.

SCA Training

Advanced SCA training course integrating new evaluation techniques, as described in Sec. 2.2.1

Data sets for AES implementations

This deliverable contains several data sets for AES implementations. A data set consists of a description of the device under attack, implementation architecture, measurement parameters, alongside leakage traces, inputs/outputs, and used randomness.

Dissemination Workshop

Dedicated workshop for dissemination and feedback collection and joint Walk & Explore session.

Web site and repository

Web site and repository for information and distribution of results, publication and tools. It will first be put online at M04 and will be regularly updated throughout the project.

Final Simulator

This deliverable represent the final release of the leakage simulation and fault simulation tool(s).

Prototype Simulator

This deliverable contains a first prototype of a leakage simulator, i.e. a software tool that takes in a (high-level) description of e.g. AES and produces leakage traces given some definend characteristics.

Veröffentlichungen

Convolutional Neural Networks with Data Augmentation Against Jitter-Based Countermeasures - Profiling Attacks Without Pre-processing

Autoren: Eleonora Cagli, Cécile Dumas, Emmanuel Prouff
Veröffentlicht in: CHES 2017, 2017, Page(s) 45-68
DOI: 10.1007/978-3-319-66787-4_3

Very High Order Masking: Efficient Implementation and Security Evaluation

Autoren: Anthony Journault, François-Xavier Standaert
Veröffentlicht in: CHES 2017, Issue Lecture Notes in Computer Science - 10529, 2017, Page(s) 623-643
DOI: 10.1007/978-3-319-66787-4_30

Categorising and Comparing Cluster-Based DPA Distinguishers

Autoren: Xinping Zhou, Carolyn Whitnall, Elisabeth Oswald, Degang Sun, Zhu Wang
Veröffentlicht in: SAC 2017, 2017, Page(s) 442-458
DOI: 10.1007/978-3-319-72565-9_23

Connecting and Improving Direct Sum Masking and Inner Product Masking

Autoren: Romain Poussier, Qian Guo, François-Xavier Standaert, Claude Carlet, Sylvain Guilley
Veröffentlicht in: CRYPTO 2017, 2017, Page(s) 123-141
DOI: 10.1007/978-3-319-75208-2_8

Getting the Most Out of Leakage Detection - Statistical tools and measurement setups hand in hand

Autoren: Santos Merino del Pozo, François-Xavier Standaert
Veröffentlicht in: COSADE 2017, Issue Lecture Notes in Computer Science - 10348, 2017, Page(s) 264-281
DOI: 10.1007/978-3-319-64647-3_16

Towards Sound and Optimal Leakage Detection Procedure

Autoren: A. Adam Ding, Liwei Zhang, Francois Durvaux, Francois-Xavier Standaert, Yunsi Fei
Veröffentlicht in: CARDIS 2017, Issue Lecture Notes in Computer Sciences 10728, 2017, Page(s) 105-122
DOI: 10.1007/978-3-319-75208-2_7

A Systematic Approach to the Side-Channel Analysis of ECC Implementations with Worst-Case Horizontal Attacks

Autoren: Romain Poussier, Yuanyuan Zhou, François-Xavier Standaert
Veröffentlicht in: CARDIS 2017, Issue Lecture Notes in Computer Sciences 10529, 2017, Page(s) 534-554
DOI: 10.1007/978-3-319-66787-4_26

Applying Horizontal Clustering Side-Channel Attacks on Embedded ECC Implementations

Autoren: Erick Nascimento, Łukasz Chmielewski
Veröffentlicht in: CARDIS 2017, 2017, Page(s) 213-231
DOI: 10.1007/978-3-319-75208-2_13

Towards Practical Tools for Side Channel Aware Software Engineering: ‘Grey Box’ Modelling for Instruction Leakages

Autoren: David McCann, Elisabeth Oswald, Carolyn Whitnall
Veröffentlicht in: USENIX Security Symposium 2017, 2017

Leakage Detection with the x2-Test

Autoren: Moradi Amir, Richter Bastian, Schneider Tobias, Standaert François-Xavier
Veröffentlicht in: CHES 2018, Issue IACR Transactions on Cryptographic Hardware and Embedded Systems, Vol.2018, N°1, 2018, Page(s) 209-237
DOI: 10.13154/tches.v2018.i1.209-237

Masking Proofs are Tight (and How to Exploit it in Security Evaluations

Autoren: Vincent Grosso, François-Xavier Standaert
Veröffentlicht in: EUROCRYPT 2018, Issue Lecture Notes in Computer Science - 10821, 2018, Page(s) 385-412
DOI: 10.1007/978-3-319-78375-8_13

Key Enumeration from the Adversarial Viewpoint When to Stop Measuring and Start Enumerating?

Autoren: Melissa Azouaoui, Romain Poussier, François-Xavier Standaert, Vincent Verneuil
Veröffentlicht in: Proceedings of CARDIS 2019, 2019, Page(s) 15 pages

Gradient Visualization for General Characterization in Profiling Attacks

Autoren: Loïc Masure, Cécile Dumas, Emmanuel Prouff
Veröffentlicht in: Constructive Side-Channel Analysis and Secure Design - 10th International Workshop, COSADE 2019, Darmstadt, Germany, April 3–5, 2019, Proceedings, Issue 11421, 2019, Page(s) 145-167
DOI: 10.1007/978-3-030-16350-1_9

A Comprehensive Study of Deep Learning for Side-Channel Analysis

Autoren: Loïc Masure, Cécile Dumas, Emmanuel prouff
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Issue Vol. 2020, n°1, 2020, Page(s) 348-375

A Critical Analysis of ISO 17825 (‘Testing methods for the mitigation of non-invasive attack classes against cryptographic modules’)

Autoren: Carolyn Whitnall, Elisabeth Oswald
Veröffentlicht in: Proceedings of ASIACRYPT 2019, 2019

Share-slicing: Friend or Foe?

Autoren: Si Gao, Ben Marshall, Dan Page and Elisabeth Oswald
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Issue 2020, 2020, Page(s) 152-174

Start Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling

Autoren: Liran Lerman, Nikita Veshchikov, Olivier Markowitch, Francois-Xavier Standaert
Veröffentlicht in: IEEE Transactions on Computers, Issue 67/2, 2018, Page(s) 268-283, ISSN 0018-9340
DOI: 10.1109/tc.2017.2731342

Multi-Tuple Leakage Detection and the Dependent Signal Issue

Autoren: Olivier Bronchain, Tobias Schneider, François-Xavier Standaert
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Issue 2019, N°2, 2019, Page(s) 318-345, ISSN 2569-2925
DOI: 10.13154/tches.v2019.i2.318-345

Provable Order Amplification for Code-Based Masking: How to Avoid Non-Linear Leakages Due to Masked Operations

Autoren: Weijia Wang, Yu Yu, Francois-Xavier Standaert
Veröffentlicht in: IEEE Transactions on Information Forensics and Security, Issue 14/11, 2019, Page(s) 3069-3082, ISSN 1556-6013
DOI: 10.1109/tifs.2019.2912549

Reducing a Masked Implementation’s Effective Security Order with Setup Manipulations

Autoren: Itamar Levi, Davide Bellizia, François-Xavier Standaert
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Issue Vol. 2019, N°2, 2019, Page(s) 293-317, ISSN 2569-2925
DOI: 10.13154/tches.v2019.i2.293-317

Ridge-Based DPA: Improvement of Differential Power Analysis For Nanoscale Chips

Autoren: Weijia Wang, Yu Yu, Francois-Xavier Standaert, Junrong Liu, Zheng Guo, Dawu Gu
Veröffentlicht in: IEEE Transactions on Information Forensics and Security, Issue 13/5, 2018, Page(s) 1301-1316, ISSN 1556-6013
DOI: 10.1109/tifs.2017.2787985

Beyond algorithmic noise or how to shuffle parallel implementations?

Autoren: Itamar Levi, Davide Bellizia, François‐Xavier Standaert
Veröffentlicht in: International Journal of Circuit Theory and Applications, Issue 48/5, 2020, Page(s) 674-695, ISSN 0098-9886
DOI: 10.1002/cta.2756

Side-Channel Countermeasures’ Dissection and the Limits of Closed Source Security Evaluations

Autoren: Olivier Bronchain, François-Xavier Standaert
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Issue 2020, N°2, 2020, Page(s) 1-25, ISSN 2569-2925
DOI: 10.13154/tches.v2020.i2.1-25

FENL: an ISE to mitigate analogue micro-architectural leakage

Autoren: Si Gao, Ben Marshall, Dan Page, Thinh Pham
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Issue 2020, N°2, 2020, Page(s) 73-98, ISSN 2569-2925
DOI: 10.13154/tches.v2020.i2.73-98

Open Database of Side Channel Traces for Deep Learning

Autoren: Ryad BENADJILA Eleonora CAGLI Cécile DUMAS Emmanuel PROUFF Rémi STRULLU
Veröffentlicht in: 2018

Study of Deep Learning Techniques for Side-Channel Analysis and Introduction to ASCAD Database

Autoren: Emmanuel Prouff Remi Strullu Ryad Benadjila Eleonora Cagli Cecile Dumas
Veröffentlicht in: 2018

Secure AES128 for ATMega8515

Autoren: Ryad Benadjila Victor Lomné Emmanuel Prouff Thomas Roche
Veröffentlicht in: 2018

ELMO: Emulating Leaks for the Arm Cortex-M0 without Access to a Side Channel Lab

Autoren: David McCann, Elisabeth Oswald, Carolyn Whitnall
Veröffentlicht in: ARM Research Summit 2017, 2017

Efficient Evaluation of the Success Rate in Side-Channel Attacks

Autoren: Emmanuel Prouff
Veröffentlicht in: Second Theory of Implementation Security (TIs) Workshop, 2018

Deep Learning for Embedded Security Evaluation

Autoren: Emmanuel Prouff
Veröffentlicht in: Workshop on Practical Hardware Innovation in Security and Characterization (PHISIC 2018), 2018

Modelling M0 leakage generically - How different can leakages be among different M0 devices?

Autoren: Si Gao
Veröffentlicht in: ARM Research Summit 2018, 2018

Lowering the bar: deep learning for side-channel analysis

Autoren: Guilherme Perin, Baris Ege, Jasper van Woudenberg
Veröffentlicht in: 2018

Strength in Numbers: Improving Generalization with Ensembles in Profiled Side-channel Analysis

Autoren: Guilherme Perin, Lukasz Chmielewski, Stjepan Picek
Veröffentlicht in: IACR Cryptology ePrint Archive, Issue 2019/978, 2019

Learning when to stop: a mutual information approach to fight overfitting in profiled side-channel analysis

Autoren: Guilherme Perin, Ileana Buhan, Stjepan Picek
Veröffentlicht in: IACR Cryptology ePrint Archive, 2020

How (Not) to Use Welch’s T-Test in Side-Channel Security Evaluations

Autoren: François-Xavier Standaert
Veröffentlicht in: Smart Card Research and Advanced Applications - 17th International Conference, CARDIS 2018, Montpellier, France, November 12–14, 2018, Revised Selected Papers, Issue 11389, 2019, Page(s) 65-79
DOI: 10.1007/978-3-030-15462-2_5

Leakage Certification Revisited: Bounding Model Errors in Side-Channel Security Evaluations

Autoren: Olivier Bronchain, Julien M. Hendrickx, Clément Massart, Alex Olshevsky, François-Xavier Standaert
Veröffentlicht in: Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18–22, 2019, Proceedings, Part I, Issue 11692, 2019, Page(s) 713-737
DOI: 10.1007/978-3-030-26948-7_25

Fast Side-Channel Security Evaluation of ECC Implementations - Shortcut Formulas for Horizontal Side-Channel Attacks Against ECSM with the Montgomery Ladder

Autoren: Melissa Azouaoui, Romain Poussier, François-Xavier Standaert
Veröffentlicht in: Constructive Side-Channel Analysis and Secure Design - 10th International Workshop, COSADE 2019, Darmstadt, Germany, April 3–5, 2019, Proceedings, Issue 11421, 2019, Page(s) 25-42
DOI: 10.1007/978-3-030-16350-1_3

Private Multiplication over Finite Fields

Autoren: Sonia Belaïd, Fabrice Benhamouda, Alain Passelègue, Emmanuel Prouff, Adrian Thillard, Damien Vergnaud
Veröffentlicht in: Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20–24, 2017, Proceedings, Part III, Issue 10403, 2017, Page(s) 397-426
DOI: 10.1007/978-3-319-63697-9_14

Lightweight MACs from Universal Hash Functions

Autoren: Sébastien Duval, Gaëtan Leurent
Veröffentlicht in: Smart Card Research and Advanced Applications - 18th International Conference, CARDIS 2019, Prague, Czech Republic, November 11–13, 2019, Revised Selected Papers, Issue 11833, 2020, Page(s) 195-215
DOI: 10.1007/978-3-030-42068-0_12

Neural Network Model Assessment for Side-Channel Analysis

Autoren: Guilherme Perin, Baris Ege, Lukasz Chmielewski
Veröffentlicht in: Neural Network Model Assessment for Side-Channel Analysis, 2020, Page(s) 1-21

Datensätze

REASSURE (H2020 731591) Dataset FPGA AES128

Autoren: Bellizia, Davide
Veröffentlicht in: Zenodo

REASSURE (H2020 731591) Masked AES Dataset

Autoren: Lukasz Chmielewski; Ileana Buhan; Karim Tobich
Veröffentlicht in: Zenodo

REASSURE (H2020 731591) HW DES Dataset

Autoren: Lukasz Chmielewski; Ileana Buhan; Karim Tobich