A Novel Completeness Test for Leakage Models and Its Application to Side Channel Attacks and Responsibly Engineered Simulators

Si Gao*, Elisabeth Oswald

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

Abstract

Today’s side channel attack targets are often complex devices in which instructions are processed in parallel and work on 32-bit data words. Consequently, the state that is involved in producing leakage in these modern devices is not only large, but also hard to predict due to various micro-architectural factors that users might not be aware of. On the other hand, security evaluations—based on worst case attacks or simulators—explicitly rely on the underlying state: a potentially incomplete state can easily lead to wrong conclusions. We put forward a novel notion for the “completeness” of an assumed state, together with an efficient statistical test that is based on “collapsed models”. Our novel test can be used to recover a state that contains multiple 32-bit variables in a grey box setting. We illustrate how our novel test can help to guide side channel attacks and we reveal new attack vectors for existing implementations. We then demonstrate the application of this test in the context of leakage modelling for leakage simulators and confirm that even the most recent leakage simulators do not capture all available leakage of their respective target devices. Our new test enables finding nominal models that capture all available leakage but do not give a helping hand to adversaries. Thereby we make a first step towards leakage simulators that are responsibly engineered.

Original language: English
Title of host publication: Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings
Publisher: Springer
Pages: 254-283
Number of pages: 30
ISBN (Electronic): 9783031070822
ISBN (Print): 9783031070815
Publication status: Published - 25 May 2022
Event: 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022 - Trondheim, Norway
Duration: 30 May 2022 - 3 Jun 2022

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 13277
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022
Country/Territory: Norway
City: Trondheim
Period: 30/05/22 - 3/06/22

Bibliographical note

Funding Information:
Acknowledgments. We would like to thank all anonymous reviewers for their constructive comments. The authors were funded in part by the ERC via the grant SEAL (Project Reference 725042).

Publisher Copyright:
© 2022, International Association for Cryptologic Research.

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
