Cryptology ePrint Archive: Report 2019/703

A Cautionary Note Regarding the Usage of Leakage Detection Tests in Security Evaluation

Carolyn Whitnall and Elisabeth Oswald

Abstract: An established ingredient in the security evaluation of cryptographic devices is leakage detection, whereby physically observable characteristics such as the power consumption are measured during operation and statistically analysed in search of sensitive data dependencies. However, depending on its precise execution, this approach potentially suffers several drawbacks: a risk of false positives, a difficulty interpreting negative outcomes, and the infeasibility of covering every possible eventuality. Moreover, efforts to mitigate for these drawbacks can be costly with respect to the data complexity of the testing procedures. In this work, we clarify the (varying) goals of leakage detection and assess how well-geared current practice is towards meeting each of those goals. We introduce some new innovations on existing methodologies and make recommendations for best practice. Ultimately, though, we find that many of the obstacles cannot be fully overcome according to existing statistical procedures, so that it remains to be highly cautious and to clearly state the limitations of the methods used when reporting outcomes.

Category / Keywords: implementation / side-channel analysis, leakage detection, security certification, statistical power analysis

Date: received 13 Jun 2019, last revised 14 Jun 2019

Contact author: carolyn whitnall at bris ac uk

Available format(s): PDF | BibTeX Citation

Version: 20190614:090717 (All versions of this report)

Short URL: ia.cr/2019/703


[ Cryptology ePrint archive ]