You are looking at a specific version 20041229:150241 of this paper.

Paper 2004/369

SCA1 Model: Towards a concrete security approach to the design of cryptosystems secure against side-channel attacks

Filipe Rosado da-Fonseca

Abstract

When implementing cryptosystems on general-purpose cryptographic hardware, one makes use of the Application Programming Interfaces (APIs) exposed by the hardware to code the required cryptosystems. The functions made available by these APIs are divided into two groups: non-cryptographic functions and cryptographic primitives. When using these functions, one assumes that the functions of the first group are protected against simple side-channel attacks and that the functions of the second group are protected against both simple and differential side-channel attacks. Nonetheless, the cryptosystems built from these functions may still leak information through side-channels. To close this security gap, a new model is introduced here. It explains in detail how the functions made available by the hardware's APIs must be protected against side-channel attacks and how this hardware must manage memory. In addition, it introduces an adversary that can mount side-channel attacks against the cryptosystems under test, and shows how to represent these attacks in pseudo-code. The paper concludes with the introduction of some security notions and the presentation of the results of testing some well-known cryptosystems against those security notions.

Note: The attacks described in this paper were introduced at the Rump Session of CHES 2004

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Unknown where it was published
Keywords
Side channels, power-analysis, timing-analysis, electromagnetic-analysis, optical-analysis, smart cards, symmetric authentication, symmetric encryption, digital signature, asymmetric encryption, signcryption, pseudorandom permutations, pseudorandom functions, birthday attack.
Contact author(s)
frfonseca @ mind-security com
History
2004-12-29: received
Short URL
https://ia.cr/2004/369
License
Creative Commons Attribution
CC BY