Abstract
In this paper we examine the central question that is how well do side channel evaluation regimes capture the true security level of a product. Concretely, answering this question requires considering the optimality of the attack/evaluation strategy selected by the evaluator, and the various steps to instantiate it. We draw on a number of published works and discuss whether state-of-the-art solutions for the different steps of a side-channel security evaluation offer bounds or guarantees of optimality, or if they are inherently heuristic. We use this discussion to provide an informal rating of the steps’ optimality and to put forward where risks of overstated security levels remain.
Original language | English |
---|---|
Title of host publication | Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings |
Editors | Thyla van der Merwe, Chris Mitchell, Maryam Mehrnezhad |
Publisher | Springer |
Pages | 46-66 |
Number of pages | 21 |
ISBN (Print) | 9783030643560 |
DOIs | |
Publication status | Published - 2020 |
Event | 6th International Conference on Security Standardisation Research, SSR 2020 - London, United Kingdom Duration: 30 Nov 2020 → 1 Dec 2020 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 12529 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 6th International Conference on Security Standardisation Research, SSR 2020 |
---|---|
Country/Territory | United Kingdom |
City | London |
Period | 30/11/20 → 1/12/20 |
Bibliographical note
Funding Information:This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). François-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research.
Funding Information:
This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). Fran¸cois-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research.
Publisher Copyright:
© 2020, Springer Nature Switzerland AG.
Keywords
- Certification
- Evaluation
- Side channels
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science