Paper 2025/1858

Testing Security Equivalence in the Random Probing Model

Anna Guinet, Ruhr University Bochum
Carina Graw, Ruhr University Bochum
Lukas Koletzko, Ruhr University Bochum
Jan Richter-Brockmann, Ruhr University Bochum
Holger Dette, Ruhr University Bochum
Tim Güneysu, Ruhr University Bochum
Abstract

The random probing model is a theoretical model that abstracts the physical leakage of an embedded device running a cryptographic scheme with more realistic assumptions compared to the threshold probing model. It assumes that the wires of the target device leak their assigned values with probability $p$, and the said values may reveal information about secret data, which could lead to a security violation. From that, we can compute the probability $\epsilon$ that a side-channel adversary may learn secret data from any random combination of wires as a function of the number of wire combinations that breaches security with rate $p$. This model is used to evaluate the security of masked cryptographic implementations, or simply named circuits; and the research community has been focusing so far on approximating or estimating the probability $\epsilon$ for one circuit. Yet, no proposition has been made to quickly compare the probability $\epsilon$ of different circuits, e.g., a circuit and its optimized version. In this context, we present two statistical tests to make decisions about the level of security in the random probing model: the equivalence test compares the security of two circuits in terms of $\epsilon$'s and the superiority test decides whether the undetermined $\epsilon$ of one circuit falls below a security threshold $\epsilon_0$, both with quantified uncertainty about the computations of the probabilities $\epsilon$'s. The validity of these tests is proven mathematically sound and verified via empirical studies on small masked S-boxes.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in TCHES 2026
Keywords
random probing modelequivalence testingsuperiority testingmasking
Contact author(s)
anna guinet @ rub de
carina graw @ rub de
lukas koletzko @ rub de
jan richter-brockmann @ rub de
holger dette @ rub de
tim gueneysu @ rub de
History
2025-10-10: revised
2025-10-07: received
See all versions
Short URL
https://ia.cr/2025/1858
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/1858,
      author = {Anna Guinet and Carina Graw and Lukas Koletzko and Jan Richter-Brockmann and Holger Dette and Tim Güneysu},
      title = {Testing Security Equivalence in the Random Probing Model},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/1858},
      year = {2025},
      url = {https://eprint.iacr.org/2025/1858}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.