Paper 2016/297

A Unified Metric for Quantifying Information Leakage of Cryptographic Devices under Power Analysis Attacks

Liwei Zhang, A. Adam Ding, Yunsi Fei, and Pei Luo

Abstract

To design effective countermeasures for cryptosystems against side-channel power analysis attacks, the evaluation of the system leakage has to be lightweight and often times at the early stage like on cryptographic algorithm or source code. When real implementations and power leakage measurements are not available, security evaluation has to be through metrics for the information leakage of algorithms. In this work, we propose such a general and unified metric, information leakage amount - ILA. ILA has several distinct advantages over existing metrics. It unifies the measure of information leakage to various attacks: first-order and higher-order DPA and CPA attacks. It works on algorithms with no mask protection or perfect/imperfect masking countermeasure.It is explicitly connected to the success rates of attacks, the ultimate security metric on physical implementations. Therefore, we believe ILA is an accurate indicator of the side-channel security level of the physical system, and can be used during the countermeasure design stage effectively and efficiently for choosing the best countermeasure.

Metadata
Available format(s)
PDF
Publication info
Published by the IACR in ASIACRYPT 2015
DOI
10.1007/978-3-662-48800-3_14
Keywords
Information leakage amountside-channel securitypower analysis attack
Contact author(s)
a ding @ neu edu
History
2016-03-17: received
Short URL
https://ia.cr/2016/297
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/297,
      author = {Liwei Zhang and A.  Adam Ding and Yunsi Fei and Pei Luo},
      title = {A Unified Metric for Quantifying Information Leakage of Cryptographic Devices under Power Analysis Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/297},
      year = {2016},
      doi = {10.1007/978-3-662-48800-3_14},
      url = {https://eprint.iacr.org/2016/297}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.