Paper 2024/757
Formal Definition and Verification for Combined Random Fault and Random Probing Security
Abstract
In our highly digitalized world, an adversary is not constrained to purely digital attacks but can monitor or influence the physical execution environment of a target computing device. Such side-channel or fault-injection analysis poses a significant threat to otherwise secure cryptographic implementations. Hence, it is important to consider additional adversarial capabilities when analyzing the security of cryptographic implementations besides the default black-box model. For side-channel analysis, this is done by providing the adversary with knowledge of some internal values, while for fault-injection analysis the capabilities of the adversaries include manipulation of some internal values. In this work, we extend probabilistic security models for physical attacks, by introducing a general random probing model and a general random fault model to capture arbitrary leakage and fault distributions, as well as the combination of these models. Our aim is to enable a more accurate modeling of low-level physical effects. We then analyze important properties, such as the impact of adversarial knowledge on faults and compositions, and provide tool-based formal verification methods that allow the security assessment of design components. These methods are introduced as extension of previous tools VERICA and IronMask which are implemented, evaluated and compared.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Preprint.
- Keywords
- Physical SecurityRandom Probing ModelRandom Fault ModelCombined AnalysisVericaIronMask
- Contact author(s)
-
sonia belaid @ cryptoexperts com
jakob feldtkeller @ rub de
tim gueneysu @ rub de
anna guinet @ rub de
jan richter-brockmann @ rub de
matthieu rivain @ cryptoexperts com
pascal sasdrich @ rub de
taleb abdulrahman1 @ gmail com - History
- 2024-05-27: last of 2 revisions
- 2024-05-17: received
- See all versions
- Short URL
- https://ia.cr/2024/757
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/757, author = {Sonia Belaid and Jakob Feldtkeller and Tim Güneysu and Anna Guinet and Jan Richter-Brockmann and Matthieu Rivain and Pascal Sasdrich and Abdul Rahman Taleb}, title = {Formal Definition and Verification for Combined Random Fault and Random Probing Security}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/757}, year = {2024}, url = {https://eprint.iacr.org/2024/757} }