Cryptology ePrint Archive: Report 2015/537

Towards Easy Leakage Certification

François Durvaux and François-Xavier Standaert and Santos Merino Del Pozo,

Abstract: Side-channel attacks generally rely on the availability of good leakage models to extract sensitive information from cryptographic implementations. The recently introduced leakage certification tests aim to guarantee that this condition is fulfilled based on sound statistical arguments. They are important ingredients in the evaluation of leaking devices since they allow a good separation between engineering challenges (how to produce clean measurements) and cryptographic ones (how to exploit these measurements). In this paper, we propose an alternative leakage certification test that is significantly simpler to implement than the previous proposal from Eurocrypt 2014. This gain admittedly comes at the cost of a couple of heuristic (yet reasonable) assumptions on the leakage distribution. To confirm its relevance, we first show that it allows confirming previous results of leakage certification. We then put forward that it leads to additional and useful intuitions regarding the information losses caused by incorrect assumptions in leakage modeling.

Category / Keywords: implementation

Original Publication (with minor differences): IACR-CHES-2016

Date: received 2 Jun 2015, last revised 3 Jun 2016

Contact author: fstandae at uclouvain be

Available format(s): PDF | BibTeX Citation

Version: 20160603:082948 (All versions of this report)

Short URL: ia.cr/2015/537

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]