Side-Channel Leakage Evaluation and Detection Based on Communication Theory

Side-channel attacks (SCAs) have been a realistic serious threat to crypto devices. Therefore, evaluating the SCAs resilience of a crypto device is important and necessary. The SCAs-secure evaluation criteria includes the information theoretic metric and the security metric. The former metric, i.e. mutual information (MI), measures the leakage amount of a crypto device. However, because the real leakage distribution of a crypto device is unknown, the leakage evaluation is difficult. Commonly, there are two ways to estimate the leakage distribution of a device, i.e. non-parametric ones and parametric ones. The former may bring a big error since the leakage model is not accurate. The latter is more precise since it can profile the leakage model, but may be infeasible in practice. To combine the merits of the two estimation ways, we bypass the direct estimation of the device’s leakage distribution, and propose a non-profiling parametric estimation method. We analyze the side-channel as a communication channel, and use the average MI of the communication channel to estimate the side-channel MI. Besides, we find that the channel capacity can furnish an upper bound of the leakage amount of the device. Interestingly, based on the communication channel characteristic, we find that if we do consistency check for the channel parameters, a leakage detection method can be developed. Furthermore, the proposed method is capable of finding the Point-Of-Interests (POIs) in leakage traces and introducing few leakage points that cannot be used to mount SCAs. Finally, the experiments show the effectiveness of the proposed methods about leakage evaluation and detection.