CryptoDB
Multi-Tuple Leakage Detection and the Dependent Signal Issue
Authors: |
|
---|---|
Download: | |
Presentation: | Slides |
Abstract: | Leakage detection is a common tool to quickly assess the security of a cryptographic implementation against side-channel attacks. The Test Vector Leakage Assessment (TVLA) methodology using Welch’s t-test, proposed by Cryptography Research, is currently the most popular example of such tools, thanks to its simplicity and good detection speed compared to attack-based evaluations. However, as any statistical test, it is based on certain assumptions about the processed samples and its detection performances strongly depend on parameters like the measurement’s Signal-to-Noise Ratio (SNR), their degree of dependency, and their density, i.e., the ratio between the amount of informative and non-informative points in the traces. In this paper, we argue that the correct interpretation of leakage detection results requires knowledge of these parameters which are a priori unknown to the evaluator, and, therefore, poses a non-trivial challenge to evaluators (especially if restricted to only one test). For this purpose, we first explore the concept of multi-tuple detection, which is able to exploit differences between multiple informative points of a trace more effectively than tests relying on the minimum p-value of concurrent univariate tests. To this end, we map the common Hotelling’s T2-test to the leakage detection setting and, further, propose a specialized instantiation of it which trades computational overheads for a dependency assumption. Our experiments show that there is not one test that is the optimal choice for every leakage scenario. Second, we highlight the importance of the assumption that the samples at each point in time are independent, which is frequently considered in leakage detection, e.g., with Welch’s t-test. Using simulated and practical experiments, we show that (i) this assumption is often violated in practice, and (ii) deviations from it can affect the detection performances, making the correct interpretation of the results more difficult. Finally, we consolidate our findings by providing guidelines on how to use a combination of established and newly-proposed leakage detection tools to infer the measurements parameters. This enables a better interpretation of the tests’ results than the current state-of-the-art (yet still relying on heuristics for the most challenging evaluation scenarios). |
Video from TCHES 2019
BibTeX
@article{tches-2019-29262, title={Multi-Tuple Leakage Detection and the Dependent Signal Issue}, journal={IACR Transactions on Cryptographic Hardware and Embedded Systems}, publisher={Ruhr-Universität Bochum}, volume={2019, Issue 2}, pages={318-345}, url={https://tches.iacr.org/index.php/TCHES/article/view/7394}, doi={10.13154/tches.v2019.i2.318-345}, author={Olivier Bronchain and Tobias Schneider and François-Xavier Standaert}, year=2019 }