A Novel Framework for Explainable Leakage Assessment

Si Gao and Elisabeth Oswald

Abstract

Non-specific leakage detection (initially introduced as “Test Vector Leakage Assessment”, short TVLA) plays a vital role in practice because it detects (potential) leaks independently of assumptions about the leakage model and any specific attack vector. However, the nonspecific nature means detected leaks might not be exploitable, and thus the current state of the art is to employ a battery of specific attacks to confirm the detection outcomes. We propose a novel leakage assessment framework which enables to link non-specific leakage detection outcomes with size of the key guess that is necessary to exploit them. We therefore solve the problem of deciding if or not a leak is exploitable without the need for specific attacks. Our methodology furthermore enables (for a detected leak) to reveal the specific key bytes, and with that, it allows the construction of confirmatory attacks. This novel approach is enabled by proposing to cast the leakage detection problem as the statistical task of building key-dependent regression models: if such a model exists, then we know that the point leaks. Depending on the size and nature of the model, we can further judge the exploitability and provide a concrete attack vector.

Available format(s)
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
Leakage detectionSide channel analysis
Contact author(s)
si-gao @ outlook com
elisabeth oswald @ aau at
History
Short URL
https://ia.cr/2022/182

CC BY

BibTeX

@misc{cryptoeprint:2022/182,
author = {Si Gao and Elisabeth Oswald},
title = {A Novel Framework for Explainable Leakage Assessment},
howpublished = {Cryptology ePrint Archive, Paper 2022/182},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/182}},
url = {https://eprint.iacr.org/2022/182}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.