A Formal Practice-Oriented Model for the Analysis of Side-Channel Attacks (or How to Evaluate Side-Channel Attacks?)

François-Xavier Standaert
Laboratoire de microélectronique de l'Université catholique de Louvain

Formal models that allow one to understand side-channel attacks and are also directly meaningful to practice have been an open question. In this talk, we will discuss a recently introduced framework for the analysis of such physical adversaries, based on a combination of security and information theoretic metrics.

The security metric aims to discriminate different adversaries and corresponds to the formal notion of side-channel key recovery. The information theoretic metric (namely the mutual information) aims to discriminate different implementations independently of the adversary and its computational power. By combining both metrics, the model allows answering the important following questions in the investigation of physical security issues, namely:

1. How to quantify the amount of information provided by a given physical computer? 2. How successfully can an adversary turn this information into a practical attack?

Through a number of practical examples, we will (try to) illustrate the need and relevance of these metrics. Then, (depending on time
constraints) we will cover some exemplary applications of the model, e.g. the analysis of a practical implementation context, the evaluation of adaptive strategies for side-channel attacks or the design of primitives with provable security against side-channel attacks.

Audio (MP3 File, Podcast Ready) Presentation (PDF File)

Back to Workshop IV: Special purpose hardware for cryptography: Attacks and Applications