Cryptology ePrint Archive: Report 2013/554

Formally Proved Security of Assembly Code Against Power Analysis

Pablo Rauzy and Sylvain Guilley and Zakaria Najm

Abstract: In his keynote speech at CHES 2004, Kocher advocated that side-channel attacks were an illustration that formal cryptography was not as secure as it was believed because some assumptions (e.g., no auxiliary information is available during the computation) were not modeled. This failure is due to the fact that formal methods work with models rather than implementations. In this paper we present formal methods and tools for designing protected code and proving its security against power analysis. These formal methods avoid the discrepancy between the model and the implementation by working on the latter rather than on a high-level model. We then demonstrate our methods in a case study in which we generate a provably protected PRESENT implementation for an 8 bit AVR smartcard.

Category / Keywords: implementation / DPL, DPA, formal proof, static analysis, symbolic execution, block cipher, PRESENT, AVR

Date: received 3 Sep 2013, last revised 8 Dec 2013

Contact author: rauzy at enst fr

Available format(s): PDF | BibTeX Citation

Note: This is a new (almost entirely rewritten) version of this paper. There are still TODOs left in it as it is a work-in-progress.

Version: 20131208:230116 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]