Next Article in Journal
Statically Aggregate Verifiable Random Functions and Application to E-Lottery
Previous Article in Journal
Algorithm of Information Embedding into Digital Images Based on the Chinese Remainder Theorem for Data Security
Previous Article in Special Issue
Side-Channel Evaluation Methodology on Software
Open AccessArticle

How Bad Are Bad Templates? Optimistic Design-Stage Side-Channel Security Evaluation and its Cost

by *,† and
Faculty of Engineering, Bar-Ilan University (BIU), Ramat-Gan 5290002, Israel
*
Author to whom correspondence should be addressed.
These authors contributed equally to this work.
Received: 6 November 2020 / Revised: 27 November 2020 / Accepted: 30 November 2020 / Published: 8 December 2020
(This article belongs to the Special Issue Side Channel and Fault Injection Attacks and Countermeasures)
Cryptographic designs are vulnerable to side-channel analysis attacks. Evaluating their security during design stages is of crucial importance. The latter is achieved by very expensive (slow) analog transient-noise simulations over advanced fabrication process technologies. The main challenge of such rigorous security-evaluation analysis lies in the fact that technologies are becoming more and more complex and the physical properties of manufactured devices vary significantly due to process variations. In turn, a detailed security evaluation process imposes exponential time complexity with the circuit-size, the number of physical implementation corners (statistical variations) and the accuracy of the circuit-simulator. Given these circumstances, what is the cost of not exhausting the entire implementation space? In terms of simulation-time complexity, the benefits would clearly be significant; however, we are interested in evaluating the security implications. This question can be formulated for many other interesting side-channel contexts such as for example, how would an attack-outcome vary when the adversary is building a leakage template over one device, i.e., one physical corner, and it performs an evaluation (attack) phase of a device drawn from a different statistical corner? Alternatively, is it safe to assume that a typical (average) corner would represent the worst case in terms of security evaluation or would it be advisable to perform a security evaluation over another specific view? Finally, how would the outcome vary concretely? We ran in-depth experiments to answer these questions in the hope of finding a nice tradeoff between simulation efforts and expertise, and security-evaluation degradation. We evaluate the results utilizing methodologies such as template-attacks with a clear distinction between profiling and attack-phase statistical views. This exemplary view of what an adversary might capture in these scenarios is followed by a more complete statistical evaluation analysis utilizing tools such as the Kullback–Leibler (KL) divergence and the Jensen-Shannon (JS) divergence to draw conclusions. View Full-Text
Keywords: corners; device mismatch; worst case security evaluation; side-channel analysis; template attacks; simulation; statistical distance corners; device mismatch; worst case security evaluation; side-channel analysis; template attacks; simulation; statistical distance
Show Figures

Figure 1

MDPI and ACS Style

Breuer, R.; Levi, I. How Bad Are Bad Templates? Optimistic Design-Stage Side-Channel Security Evaluation and its Cost. Cryptography 2020, 4, 36. https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4040036

AMA Style

Breuer R, Levi I. How Bad Are Bad Templates? Optimistic Design-Stage Side-Channel Security Evaluation and its Cost. Cryptography. 2020; 4(4):36. https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4040036

Chicago/Turabian Style

Breuer, Rinat; Levi, Itamar. 2020. "How Bad Are Bad Templates? Optimistic Design-Stage Side-Channel Security Evaluation and its Cost" Cryptography 4, no. 4: 36. https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography4040036

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop