Paper 2024/757

Formal Definition and Verification for Combined Random Fault and Random Probing Security

Sonia Belaid, CryptoExperts (France)
Jakob Feldtkeller, Ruhr University Bochum
Tim Güneysu, Ruhr University Bochum, German Research Centre for Artificial Intelligence
Anna Guinet, Ruhr University Bochum
Jan Richter-Brockmann, Ruhr University Bochum
Matthieu Rivain, CryptoExperts (France)
Pascal Sasdrich, Ruhr University Bochum
Abdul Rahman Taleb, CryptoExperts (France)
Abstract

In our highly digitalized world, an adversary is not constrained to purely digital attacks but can monitor or influence the physical execution environment of a target computing device. Such side-channel or fault-injection analysis poses a significant threat to otherwise secure cryptographic implementations. Hence, it is important to consider additional adversarial capabilities, beyond the default black-box model, when analyzing the security of cryptographic implementations. For side-channel analysis, this is done by providing the adversary with knowledge of some internal values, while for fault-injection analysis the adversary's capabilities include the manipulation of some internal values. In this work, we extend probabilistic security models for physical attacks by introducing a general random probing model and a general random fault model that capture arbitrary leakage and fault distributions, as well as the combination of these two models. Our aim is to enable a more accurate modeling of low-level physical effects. We then analyze important properties, such as the impact of adversarial knowledge on faults and on compositions, and provide tool-based formal verification methods that allow the security assessment of design components. These methods are introduced as extensions of the previous tools VERICA and IronMask, which are implemented, evaluated, and compared.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint.
Keywords
Physical Security, Random Probing Model, Random Fault Model, Combined Analysis, Verica, IronMask
Contact author(s)
sonia belaid @ cryptoexperts com
jakob feldtkeller @ rub de
tim gueneysu @ rub de
anna guinet @ rub de
jan richter-brockmann @ rub de
matthieu rivain @ cryptoexperts com
pascal sasdrich @ rub de
taleb abdulrahman1 @ gmail com
History
2024-05-27: last of 2 revisions
2024-05-17: received
Short URL
https://ia.cr/2024/757
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/757,
      author = {Sonia Belaid and Jakob Feldtkeller and Tim Güneysu and Anna Guinet and Jan Richter-Brockmann and Matthieu Rivain and Pascal Sasdrich and Abdul Rahman Taleb},
      title = {Formal Definition and Verification for Combined Random Fault and Random Probing Security},
      howpublished = {Cryptology ePrint Archive, Paper 2024/757},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/757}},
      url = {https://eprint.iacr.org/2024/757}
}