Paper 2022/1131

CINI MINIS: Domain Isolation for Fault and Combined Security

Jakob Feldtkeller, Ruhr University Bochum
Jan Richter-Brockmann, Ruhr University Bochum
Pascal Sasdrich, Ruhr University Bochum
Tim Güneysu, Ruhr University Bochum
Abstract

Observation and manipulation of physical characteristics are well-known and powerful threats to cryptographic devices. While countermeasures against passive side-channel and active fault-injection attacks are well understood individually, combined attacks, i.e., the combination of fault injection and side-channel analysis, is a mostly unexplored area. Naturally, the complexity of analysis and secure construction increases with the sophistication of the adversary, making the combined scenario especially challenging. To tackle complexity, the side-channel community has converged on the construction of small building blocks, which maintain security properties even when composed. In this regard, Probe-Isolating Non-Interference (PINI) is a widely used notion for secure composition in the presence of side-channel attacks due to its efficiency and elegance. In this work, we transfer the core ideas behind PINI to the context of fault and combined security and, from that, construct the first trivially composable gadgets in the presence of a combined adversary.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. ACM CCS 2022
DOI
10.1145/3548606.3560614
Keywords
Side-Channel Analysis Fault-Injection Analysis Combined Attacks Gadgets Probe-Isolating Non-Interference
Contact author(s)
jakob feldtkeller @ rub de
jan richter-brockmann @ rub de
pascal sasdrich @ rub de
tim gueneysu @ rub de
History
2022-08-31: approved
2022-08-30: received
See all versions
Short URL
https://ia.cr/2022/1131
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/1131,
      author = {Jakob Feldtkeller and Jan Richter-Brockmann and Pascal Sasdrich and Tim Güneysu},
      title = {{CINI} {MINIS}: Domain Isolation for Fault and Combined Security},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1131},
      year = {2022},
      doi = {10.1145/3548606.3560614},
      url = {https://eprint.iacr.org/2022/1131}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.