Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited

Daniel P. Martin; Luke Mather; Elisabeth Oswald

doi:10.1007/978-3-319-76953-0_21

Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited

Daniel P. Martin, Luke Mather^*, Elisabeth Oswald

^*Corresponding author for this work

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Motivated by the need to assess the concrete security of a device after a side channel attack, there has been a flurry of recent work designing both key rank and key enumeration algorithms. Two main competitors for key ranking can be found in the literature: a convolution based algorithm put forward by Glowacz et al. (FSE 2015), and a path counting based algorithm proposed by Martin et al. (Asiacrypt 2015). Both key ranking algorithms can be extended to key enumeration algorithms (Poussier et al. (CHES 2016) and Martin et al. (Asiacrypt 2015)). The two approaches were proposed independently, and have so far been treated as uniquely different techniques, with different levels of accuracy. However, we show that both approaches (for ranking) are mathematically equivalent for a suitable choice of their respective discretisation parameter. This settles questions about which one returns more accurate rankings. We then turn our attention to their related enumeration algorithms and determine why and how these algorithms differ in their practical performance.

Original language	English
Title of host publication	Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings
Editors	Nigel P. Smart
Publisher	Springer Verlag
Pages	394-412
Number of pages	19
ISBN (Print)	9783319769523
DOIs	https://doi.org/10.1007/978-3-319-76953-0_21
Publication status	Published - 2018
Event	International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018 - San Francisco, United States Duration: 16 Apr 2018 → 20 Apr 2018

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10808 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018
Country/Territory	United States
City	San Francisco
Period	16/04/18 → 20/04/18

Bibliographical note

Funding Information:
Acknowledgements and Disclaimer. This work was in part supported by

Publisher Copyright:
© Springer International Publishing AG, part of Springer Nature 2018.

Keywords

Key enumeration
Key rank
Side channel attacks

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-319-76953-0_21

Cite this

Martin, D. P., Mather, L., & Oswald, E. (2018). Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited. In N. P. Smart (Ed.), Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings (pp. 394-412). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10808 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-76953-0_21

Martin, Daniel P. ; Mather, Luke ; Oswald, Elisabeth. / Two sides of the same coin : Counting and enumerating keys post side-channel attacks revisited. Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings. editor / Nigel P. Smart. Springer Verlag, 2018. pp. 394-412 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{da3b20159745487e9a183850ca1d44d8,

title = "Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited",

abstract = "Motivated by the need to assess the concrete security of a device after a side channel attack, there has been a flurry of recent work designing both key rank and key enumeration algorithms. Two main competitors for key ranking can be found in the literature: a convolution based algorithm put forward by Glowacz et al. (FSE 2015), and a path counting based algorithm proposed by Martin et al. (Asiacrypt 2015). Both key ranking algorithms can be extended to key enumeration algorithms (Poussier et al. (CHES 2016) and Martin et al. (Asiacrypt 2015)). The two approaches were proposed independently, and have so far been treated as uniquely different techniques, with different levels of accuracy. However, we show that both approaches (for ranking) are mathematically equivalent for a suitable choice of their respective discretisation parameter. This settles questions about which one returns more accurate rankings. We then turn our attention to their related enumeration algorithms and determine why and how these algorithms differ in their practical performance.",

keywords = "Key enumeration, Key rank, Side channel attacks",

author = "Martin, {Daniel P.} and Luke Mather and Elisabeth Oswald",

note = "Funding Information: Acknowledgements and Disclaimer. This work was in part supported by Publisher Copyright: {\textcopyright} Springer International Publishing AG, part of Springer Nature 2018.; International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018 ; Conference date: 16-04-2018 Through 20-04-2018",

year = "2018",

doi = "10.1007/978-3-319-76953-0_21",

language = "English",

isbn = "9783319769523",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "394--412",

editor = "Smart, {Nigel P.}",

booktitle = "Topics in Cryptology – CT-RSA 2018 - The Cryptographers{\textquoteright} Track at the RSA Conference 2018, Proceedings",

}

Martin, DP, Mather, L & Oswald, E 2018, Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited. in NP Smart (ed.), Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10808 LNCS, Springer Verlag, pp. 394-412, International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018, San Francisco, United States, 16/04/18. https://doi.org/10.1007/978-3-319-76953-0_21

Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited. / Martin, Daniel P.; Mather, Luke; Oswald, Elisabeth.
Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings. ed. / Nigel P. Smart. Springer Verlag, 2018. p. 394-412 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10808 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Two sides of the same coin

T2 - International Conference on Cryptographers Track at the RSA Conference on Topics in Cryptology, CT-RSA 2018

AU - Martin, Daniel P.

AU - Mather, Luke

AU - Oswald, Elisabeth

N1 - Funding Information: Acknowledgements and Disclaimer. This work was in part supported by Publisher Copyright: © Springer International Publishing AG, part of Springer Nature 2018.

PY - 2018

Y1 - 2018

N2 - Motivated by the need to assess the concrete security of a device after a side channel attack, there has been a flurry of recent work designing both key rank and key enumeration algorithms. Two main competitors for key ranking can be found in the literature: a convolution based algorithm put forward by Glowacz et al. (FSE 2015), and a path counting based algorithm proposed by Martin et al. (Asiacrypt 2015). Both key ranking algorithms can be extended to key enumeration algorithms (Poussier et al. (CHES 2016) and Martin et al. (Asiacrypt 2015)). The two approaches were proposed independently, and have so far been treated as uniquely different techniques, with different levels of accuracy. However, we show that both approaches (for ranking) are mathematically equivalent for a suitable choice of their respective discretisation parameter. This settles questions about which one returns more accurate rankings. We then turn our attention to their related enumeration algorithms and determine why and how these algorithms differ in their practical performance.

AB - Motivated by the need to assess the concrete security of a device after a side channel attack, there has been a flurry of recent work designing both key rank and key enumeration algorithms. Two main competitors for key ranking can be found in the literature: a convolution based algorithm put forward by Glowacz et al. (FSE 2015), and a path counting based algorithm proposed by Martin et al. (Asiacrypt 2015). Both key ranking algorithms can be extended to key enumeration algorithms (Poussier et al. (CHES 2016) and Martin et al. (Asiacrypt 2015)). The two approaches were proposed independently, and have so far been treated as uniquely different techniques, with different levels of accuracy. However, we show that both approaches (for ranking) are mathematically equivalent for a suitable choice of their respective discretisation parameter. This settles questions about which one returns more accurate rankings. We then turn our attention to their related enumeration algorithms and determine why and how these algorithms differ in their practical performance.

KW - Key enumeration

KW - Key rank

KW - Side channel attacks

UR - http://www.scopus.com/inward/record.url?scp=85045436716&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-76953-0_21

DO - 10.1007/978-3-319-76953-0_21

M3 - Conference contribution

AN - SCOPUS:85045436716

SN - 9783319769523

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 394

EP - 412

BT - Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings

A2 - Smart, Nigel P.

PB - Springer Verlag

Y2 - 16 April 2018 through 20 April 2018

ER -

Martin DP, Mather L, Oswald E. Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited. In Smart NP, editor, Topics in Cryptology – CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, Proceedings. Springer Verlag. 2018. p. 394-412. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-76953-0_21

Two sides of the same coin: Counting and enumerating keys post side-channel attacks revisited

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this