Paper 2015/207

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations

Tobias Schneider and Amir Moradi

Abstract

Evoked by the increasing need to integrate side-channel countermeasures into security-enabled commercial devices, evaluation labs are seeking a standard approach that enables a fast, reliable and robust evaluation of the side-channel vulnerability of the given products. To this end, standardization bodies such as NIST intend to establish a leakage assessment methodology fulfilling these demands. One such proposal is Welch's t-test, which is being put forward by Cryptography Research Inc., and is able to relax the dependency between the evaluations and the device's underlying architecture. In this work, we deeply study the theoretical background of the test's different flavors, and present a roadmap which can be followed by the evaluation labs to efficiently and correctly conduct the tests. More precisely, we express a stable, robust and efficient way to perform the tests at higher orders. Further, we extend the test to multivariate settings, and provide details on how to efficiently and rapidly carry out such a multivariate higher-order test. Including a suggested methodology to collect the traces for these tests, we point out practical case studies where different types of t-tests can exhibit the leakage of supposedly secure designs.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
A minor revision of an IACR publication in CHES 2015
Keywords
side-channel analysis, t-test, leakage assessment
Contact author(s)
amir moradi @ rub de
History
2015-06-16: revised
2015-03-06: received
Short URL
https://ia.cr/2015/207
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/207,
      author = {Tobias Schneider and Amir Moradi},
      title = {Leakage Assessment Methodology - a clear roadmap for side-channel evaluations},
      howpublished = {Cryptology ePrint Archive, Paper 2015/207},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/207}},
      url = {https://eprint.iacr.org/2015/207}
}