The defense strategy described in this paper pairs each useful data element $k$ with a camouflage value $v$ and simultaneously transmits both $k$ and $v$ over the channel. This releases an emission $e(k,v)$. We wish to select the camouflage values $v(k)$ as a function of $k$ in a way that makes the quantities $e(k,v(k))$ as {\sl indistinguishable} as possible from each other.
We model the problem and show that optimal camouflage values can be computed from side-channels under very weak physical assumptions. The proposed technique is hence applicable to a wide range of readily available technologies.
We propose algorithms for computing optimal camouflage values when the number of samples per trace is moderate (typically $\leq 6$) and justify our models by a statistical analysis.
We also provide experimental results obtained using FPGAs.
Category / Keywords: implementation / side channel attacks Date: received 29 Dec 2012, last revised 1 Jan 2013 Contact author: david naccache at ens fr Available formats: PDF | BibTeX Citation Version: 20130101:145041 (All versions of this report) Discussion forum: Show discussion | Start new discussion