Paper 2008/162

Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks

Michael Backes and Boris Köpf

Abstract

We propose a novel approach for quantifying a system's resistance to unknown-message side-channel attacks. The approach is based on a measure of the secret information that an attacker can extract from a system from a given number of side-channel measurements. We provide an algorithm to compute this measure, and we use it to analyze the resistance of hardware implementations of cryptographic algorithms with respect to power and timing attacks. In particular, we show that message-blinding -- the common countermeasure against timing attacks -- reduces the rate at which information about the secret is leaked, but that the complete information is still eventually revealed. Finally, we compare information measures corresponding to unknown-message, known-message, and chosen-message attackers and show that they form a strict hierarchy.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. This is an extended version of the ESORICS '08 paper
Keywords
Side-Channel AttacksFormal Verification
Contact author(s)
bkoepf @ mpi-sws mpg de
History
2008-08-13: revised
2008-04-14: received
See all versions
Short URL
https://ia.cr/2008/162
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/162,
      author = {Michael Backes and Boris Köpf},
      title = {Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2008/162},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/162}},
      url = {https://eprint.iacr.org/2008/162}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.