Test Apparatus for Side-Channel Resistance Compliance Testing
نویسندگان
چکیده
A way to classify the security level of a cryptographic device is to estimate the effort an adversary has to invest in an attack to be successful. While there are metrics and mathematical models to determine the complexity of attacks on cryptographic algorithms and protocols, estimating the security level of an implementation is more complicated. This is because attacks on the implementation depend on a variety of parameters: the expertise of the adversary, the equipment that is available, the knowledge about the implementation, and the individual information leakage of the device. In this paper, we propose a low cost test apparatus that allows amplifying the side-channel leakage by using a second device for noise cancelation. This technique improves the quality of side-channel measurements even without detailed knowledge and control over the reference device. We evaluated our idea by designing and evaluating three different apparatus each using two cryptographic devices. We achieved a side-channel leakage improvement between 20 and 220 % compared to a classical side-channel attack setup using only one device. The number of needed traces is reduced by a factor of 10 which not only minimizes the effort in evaluating the side-channel resistance of countermeasureenabled devices but also helps in performing efficient attacks in practice.
منابع مشابه
Test Vector Leakage Assessment (TVLA) methodology in practice
Many security standards require cryptographic devices and modules to resist side-channel attacks such as Timing Analysis as well as Simple and Differential Power/Electromagnetic Analysis. These requirements have also been included in the draft FIPS 140-3 standard [1]. However, existing security certification standards mandating side-channel resistance, such as Common Criterion, require an evalu...
متن کاملCompleting the Complete ECC Formulae with Countermeasures
This work implements and evaluates the recent complete addition formulae for the prime order elliptic curves of Renes, Costello and Batina on an FPGA platform. We implement three different versions: (1) an unprotected architecture; (2) an architecture protected through coordinate randomization; and (3) an architecture with both coordinate randomization and scalar splitting in place. The evaluat...
متن کاملBuilding a resistance to ignition testing device for sunglasses and analysing data: a continuing study for sunglasses standards
BACKGROUND Sunglasses popularity skyrocketed since its advent. The ongoing trend led to the creation of standards to protect consumers from injuries and secondary hazards due to spectacles use. In Brazil, the corresponding standard is NBR ISO 12312-1:2015 and since there is no mandatory testing, evaluating sunglasses performance provides an insight into compliance with the standard. In a contin...
متن کاملA Secure Asynchronous Hardware Implementation Of DES Cryptography Algorithm
QDI Dual-rail asynchronous circuits, if implemented carefully balanced, have natural and efficient resistance to side-channel attacks in cryptography applications. Due to hardware redundancy in previous balanced gate designs, there are many faults which can make them imbalanced without causing logical errors. Therefore, traditional logical testing methods are unable to test and verify if a gate...
متن کاملExperimental Results on INSTAC-8 Compliant Board
This paper presents the results of three kinds of side-channel attacks, experimentally made against software-implemented ciphers on INSTAC-8 Compliant Board. INSTAC-8 is the standard evaluation platform, newly designed by the Information Technology Research and Standardization Center (INSTAC; a division of Japan Standards Association), to test Side-channel attack against the software-implemente...
متن کامل