Towards Easy Leakage Certification
نویسندگان
چکیده
Side-channel attacks generally rely on the availability of good leakage models to extract sensitive information from cryptographic implementations. The recently introduced leakage certification tests aim to guarantee that this condition is fulfilled based on sound statistical arguments. They are important ingredients in the evaluation of leaking devices since they allow a good separation between engineering challenges (how to produce clean measurements) and cryptographic ones (how to exploit these measurements). In this paper, we propose an alternative leakage certification test that is significantly simpler to implement than the previous proposal from Eurocrypt 2014. This gain admittedly comes at the cost of a couple of heuristic (yet reasonable) assumptions on the leakage distribution. To confirm its relevance, we first show that it allows confirming previous results of leakage certification. We then put forward that it leads to additional and useful intuitions regarding the information losses caused by incorrect assumptions in leakage modeling.
منابع مشابه
Profiling Good Leakage Models For Masked Implementations
Leakage model plays a very important role in side channel attacks. An accurate leakage model greatly improves the efficiency of attacks. However, how to profile a ”good enough” leakage model, or how to measure the accuracy of a leakage model, is seldom studied. Durvaux et al. proposed leakage certification tests to profile ”good enough” leakage model for unmasked implementations. However, they ...
متن کاملSecure Quantum Passwords
We propose a quantum authentication protocol that is robust against the theft of secret keys. In the protocol, disposable quantum passwords prevent impersonation attacks with stolen secret keys. The protocol also prevents the leakage of secret information of a certification agent. [email protected] [email protected]
متن کاملCorrectness Proof of a Middleware GSI Certification-Based Replication Protocol
This paper provides a formal specification and proof of correctness of a basic Generalized SI certification-based data replication protocol for database middleware architectures. It has been modeled using a state transition system, as well as the main system components, allowing a perfect match with the usual deployment in a middleware system. The proof encompasses both safety and liveness prop...
متن کاملTowards Leakage Exploitation Optimality in Profiled Side-Channel Attacks
Template Attack is widely accepted to be one of the most powerful side-channel attacks, because it is usually assumed that one has a full knowledge of targeted crypto devices and thus be well capable of characterizing the side-channel leakages. However, the question of whether Template Attack is really optimal in terms of leakage exploitation rate is still unclear. In this paper, we present a n...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2015 شماره
صفحات -
تاریخ انتشار 2015