leakage assessment methodology
play

Leakage Assessment Methodology - a clear roadmap for side-channel - PowerPoint PPT Presentation

Feb 26, 2024 •325 likes •1.15k views

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Wednesday, September 16 th , 2015 Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 2

  1. Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Wednesday, September 16 th , 2015

  2. Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 2

  3. Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 3

  4. Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 4

  5. Motivation Security Evaluation Does the chip leak information? Problem: Evaluation is not trivial. Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 5

  6. Motivation Security Evaluation Does the chip leak information? Problem: Evaluation is not trivial. Non-Invasive Attack Testing Workshop, 2011 Goal: Establish testing methodology capable of robustly assessing the physical vulnerability of cryptographic devices. Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 6

  7. Motivation Attack-based Testing Perform state-of-the-art attacks on the device under test (DUT) Attacks Intermediate Leakage Types: Values: Models: • DPA • Sbox In • HW × × • CPA • Sbox Out • HD • MIA • Sbox In/Out • Bit • … • … • … Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 7

  8. Motivation Attack-based Testing Perform state-of-the-art attacks on the device under test (DUT) Attacks Intermediate Leakage Types: Values: Models: • DPA • Sbox In • HW × × • CPA • Sbox Out • HD • MIA • Sbox In/Out • Bit • … • … • … Problems: • High computational complexity • Requires lot of expertise • Does not cover all possible attack vectors Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 8

  9. Motivation Testing based on t -Test Tries to detect any type of leakage at a certain order • Proposed by CRI at NIST workshop Advantages: • Independent of architecture • Independent of attack model • Fast & simple • Versatile Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 9

  10. Motivation Testing based on t -Test Tries to detect any type of leakage at a certain order • Proposed by CRI at NIST workshop Advantages: • Independent of architecture • Independent of attack model • Fast & simple • Versatile Problems: • No information about hardness of attack • Possible false positives if no care about evaluation setup Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 10

  11. Contribution 1. Explain statistical background in a (hopefully) more understandable way 2. More detailed discussion of higher-order testing 3. Hints how to design fast & correct measurement setup 4. Optimization of analysis phase Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 11

  12. Statistical Background • t -Test Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 12

  13. Statistical Background t -Test Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 13

  14. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 14

  15. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 Null Hypothesis: Two population means are equal. Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 15

  16. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 16

  17. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 𝜈 1 𝜈 0 Sample mean: 2 2 𝑡 1 𝑡 0 Sample variance: 𝑜 1 𝑜 0 Sample size: Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 17

  18. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 𝜈 1 𝜈 0 Sample mean: 2 2 𝑡 1 𝑡 0 Sample variance: 𝑜 1 𝑜 0 Sample size: 2 2 2 𝑜 0 + 𝑡 1 𝑡 0 𝑜 1 t = 𝜈 0 − 𝜈 1 v = 𝑢 -test statistic Degree of freedom 2 2 2 2 𝑡 0 𝑡 1 2 2 𝑜 0 + 𝑡 1 𝑡 0 𝑜 0 𝑜 1 𝑜 1 𝑜 0 − 1 + 𝑜 1 − 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 18

  19. Statistical Background t -Test 𝑢 𝑤 Γ 𝑤 + 1 −𝑤+1 1 + 𝑢 2 2 Estimate the probability to accept null 2 𝑔 𝑢, 𝑤 = 𝜌𝑤 Γ 𝑤 hypothesis with Student’s 𝑢 distribution: 𝑤 2 ∞ 𝑞 = 2 𝑔 t, v 𝑒𝑢 Compute: |𝑢| Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 19

  20. Statistical Background t -Test 𝑢 𝑤 Γ 𝑤 + 1 −𝑤+1 1 + 𝑢 2 2 Estimate the probability to accept null 2 𝑔 𝑢, 𝑤 = 𝜌𝑤 Γ 𝑤 hypothesis with Student’s 𝑢 distribution: 𝑤 2 ∞ 𝑞 = 2 𝑔 t, v 𝑒𝑢 Compute: |𝑢| Small 𝑞 values give evidence to reject the null hypothesis Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 20

  21. Statistical Background t -Test  For testing usually only the 𝑢 -value is estimated  Compared to a threshold of t > 4.5 • 𝑞 = 2𝐺 −4.5, 𝑤 > 1000 < 0.00001 • Confidence of > 0.99999 to reject the null hypothesis Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 21

  22. Testing Methodology Specific 𝒖 -Test • • Non-Specific t -Test Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 22

  23. Testing Methodology Specific t -Test Measurements 𝑈 𝑗 With Associated Data 𝐸 𝑗 Specific t -Test:  Key is known to enable correct partitioning  Test is conducted at each sample point separately (univariate)  If corresponding 𝑢 -test exceeds threshold ⇒ DPA probable Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 23

  24. Testing Methodology Specific t -Test Measurements 𝑈 𝑗 𝑢𝑏𝑠𝑕𝑓𝑢 𝑐𝑗𝑢 𝐸 𝑗 = 0 With Associated Data 𝐸 𝑗 𝑅 0 Specific t -Test:  Key is known to enable correct partitioning  Test is conducted at each sample point separately (univariate)  If corresponding 𝑢 -test exceeds threshold ⇒ DPA probable Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 24

  25. Testing Methodology Specific t -Test Measurements 𝑈 𝑗 𝑢𝑏𝑠𝑕𝑓𝑢 𝑐𝑗𝑢 𝐸 𝑗 = 0 𝑢𝑏𝑠𝑕𝑓𝑢 𝑐𝑗𝑢 𝐸 𝑗 = 1 With Associated Data 𝐸 𝑗 𝑅 0 𝑅 1 Specific t -Test:  Key is known to enable correct partitioning  Test is conducted at each sample point separately (univariate)  If corresponding 𝑢 -test exceeds threshold ⇒ DPA probable Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 25

  26. Testing Methodology Non-Specific t -Test Non-Specific t -Test:  fixed vs. random t -test  Avoids being dependent on any intermediate value/model  Detected leakage of single test is not always exploitable  Semi-fixed vs. random t- test useful in certain cases Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 26

  27. Testing Methodology Non-Specific t -Test Non-Specific t -Test:  fixed vs. random t -test  Avoids being dependent on any intermediate value/model  Detected leakage of single test is not always exploitable  Semi-fixed vs. random t- test useful in certain cases Measurements 𝑈 𝑘 With Fixed Associated Data D 𝑅 0 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 27

  28. Testing Methodology Non-Specific t -Test Non-Specific t -Test:  fixed vs. random t -test  Avoids being dependent on any intermediate value/model  Detected leakage of single test is not always exploitable  Semi-fixed vs. random t- test useful in certain cases Measurements 𝑈 Measurements 𝑈 𝑗 𝑘 With Random With Fixed Associated Data D 𝑗 Associated Data D 𝑅 0 𝑅 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 28

  29. Higher-Order Testing • Multivariate • Univariate Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 29

  30. Higher-Order Testing Multivariate Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 30

  31. Higher-Order Testing Multivariate 𝑇 1 Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 31

  32. Higher-Order Testing Multivariate 𝑇 1 𝑇 2 Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 32

  33. Higher-Order Testing Multivariate 𝑇 1 𝑇 2 Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Centered Product: 𝑦′ = 𝑦 1 − 𝜈 1 ⋅ 𝑦 2 − 𝜈 2 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 33

  34. Higher-Order Testing Univariate 𝑇 1 𝑇 2 Univariate:  Shares are processed in parallel (HW)  Leakages at the same time instance need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 34

Recommend

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015 Tobias Schneider &amp; Amir Moradi Ruhr-Universitt Bochum Embedded Security Group Outline Motivation Statistical Background Testing

461 views • 43 slides
An assessment of carbon leakage in the light of the COP-15 pledges. L. Paroussos., P.

An assessment of carbon leakage in the light of the COP-15 pledges. L. Paroussos., P.

An assessment of carbon leakage in the light of the COP-15 pledges. L. Paroussos., P. Karkatsoulis, K. Fragiadakis, P. Capros E3MLab/NTUA WIOD FP7 Research Project April 2012 1 Overview Modelling methodology and calibration of a

606 views • 26 slides
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Friday, September 11 th , 2015 Motivation Physical Attacks &amp; Countermeasures input output input output Timing, Power, EM,

746 views • 47 slides
NAC Assessment Criteria, Methodology and Covid-19 Compliance 1 ASSESSMENT CRITERIA CHANGE The

NAC Assessment Criteria, Methodology and Covid-19 Compliance 1 ASSESSMENT CRITERIA CHANGE The

NAC Assessment Criteria, Methodology and Covid-19 Compliance 1 ASSESSMENT CRITERIA CHANGE The purpose of this presentation is to outline alterations to the criteria and methodology for application assessment by programme panel members to

626 views • 10 slides
Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional

Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional

Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional Account Director Arcom Digital &lt; HOME Digital Leakage Outline Digital Leakage Traditional Leakage LTE Ingress and Egress issues

877 views • 68 slides
Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

SAC Summer School 2019 Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions allow us to prove that our schemes achieve a certain leakage profile but doesnt tell us if a leakage profile is

477 views • 22 slides
Deliverability Assessment Methodology Straw Proposal Paper Deliverability Assessment Methodology

Deliverability Assessment Methodology Straw Proposal Paper Deliverability Assessment Methodology

Deliverability Assessment Methodology Straw Proposal Paper Deliverability Assessment Methodology Straw Proposal Paper Stakeholder Meeting August 5, 2019 California ISO Public California ISO Public Agenda Time Item 9:00-9:30 Welcome and

545 views • 53 slides
Deliverability Assessment Methodology Draft Final Proposal Paper Deliverability Assessment

Deliverability Assessment Methodology Draft Final Proposal Paper Deliverability Assessment

Deliverability Assessment Methodology Draft Final Proposal Paper Deliverability Assessment Methodology Straw Proposal Paper Stakeholder Meeting October 4, 2019 California ISO Public California ISO Public Introduction Neil Millar Executive

789 views • 54 slides
Experimental Assessment of Experimental Assessment of p Brine and/or CO2 Leakage Brine and/or

Experimental Assessment of Experimental Assessment of p Brine and/or CO2 Leakage Brine and/or

Experimental Assessment of Experimental Assessment of p Brine and/or CO2 Leakage Brine and/or CO2 Leakage Th Through Well Cements at Through Well Cements at Th h W ll C h W ll C t t t t Reservoir Conditions Reservoir Conditions

737 views • 35 slides
Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1:

Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1:

SAC Summer School 2019 Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1: ORAM simulation Store and simulate data structure with ORAM General-purpose Zero-leakage (if data is transformed

1.29k views • 60 slides
Fast leakage assessment Oscar Reparaz COSIC / KU Leuven Benedikt Gierlichs CHES 2017 Taipei

Fast leakage assessment Oscar Reparaz COSIC / KU Leuven Benedikt Gierlichs CHES 2017 Taipei

Fast leakage assessment Oscar Reparaz COSIC / KU Leuven Benedikt Gierlichs CHES 2017 Taipei (Taiwan) 2017-09-26 Ingrid Verbauwhede 1 an empirical approach to test device security Enumerate all attacks, check if any is successful

359 views • 31 slides
Pressure Optimisation Introduction Why carry out Pressure Optimisation How and Who

Pressure Optimisation Introduction Why carry out Pressure Optimisation How and Who

Pressure Optimisation Introduction Why carry out Pressure Optimisation How and Who Methodology Modelling input Leakage saving assessment Scope of the project Case Study Sale Manchester Why pressure

540 views • 14 slides
The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water

The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water

The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water leakage can occur . To prevent leakage-related damages it sends an alert whenever water is detected. The device also visualizes its status on the online

234 views • 10 slides
The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P.

The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P.

The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P. Chung, Steven Han, Wenke Lee College of Computing Georgia Institute of Technology Outline Background &amp; Motivation Methodology

576 views • 34 slides
Carbon leakage: theory, evidence and policy PMR Webinar on Carbon Leakage John Ward November 24

Carbon leakage: theory, evidence and policy PMR Webinar on Carbon Leakage John Ward November 24

Carbon leakage: theory, evidence and policy PMR Webinar on Carbon Leakage John Ward November 24 and December 3, 2015 Vivid Economics Overview Definition Theory Evidence Addressing leakage Why? Which sectors? How? 2

408 views • 29 slides
LEAKAGE - RESILIENT PUBLIC - KEY ENCRYPTION FROM OBFUSCATION Dana Dachman-Soled, S. Dov

LEAKAGE - RESILIENT PUBLIC - KEY ENCRYPTION FROM OBFUSCATION Dana Dachman-Soled, S. Dov

LEAKAGE - RESILIENT PUBLIC - KEY ENCRYPTION FROM OBFUSCATION Dana Dachman-Soled, S. Dov Gordon, Feng-Hao Lui, Adam, ONeill, and Hong-Sheng Zhou O UTLINE OF T ALK Leakage Models for PKE Bounded, Continual, and Continual w/ Leakage on

1.05k views • 102 slides
Restoration Opportunities Assessment Methodology (ROAM) This Presentation Will Cover The

Restoration Opportunities Assessment Methodology (ROAM) This Presentation Will Cover The

Restoration Opportunities Assessment Methodology (ROAM) This Presentation Will Cover The global potential for restoration The forest landscape restoration approach Restoration Opportunities Assessment Methodology (ROAM) 2

1.3k views • 73 slides
Design of Mixed Gates for Design of Mixed Gates for Leakage Reduction Leakage Reduction Frank

Design of Mixed Gates for Design of Mixed Gates for Leakage Reduction Leakage Reduction Frank

GLSVLSI 2007 17th edition of ACM Great Lakes Symposium on VLSI Design of Mixed Gates for Design of Mixed Gates for Leakage Reduction Leakage Reduction Frank Sill, Jiaxi You, Dirk Timmermann Institute of Applied Microelectronics and Computer

738 views • 32 slides
General Assessment Methodology Process Juan Carlos Mora and Richard OBrien, for Working Group

General Assessment Methodology Process Juan Carlos Mora and Richard OBrien, for Working Group

General Assessment Methodology Process Juan Carlos Mora and Richard OBrien, for Working Group 2 Legacy sites and NORM draft Site characterisation methodology See Rodolfo Avilas plenary presentation (next slide) Ideas(1)

621 views • 7 slides
Deliverability Assessment Methodology Issue Paper Neil Millar Executive Director, Infrastructure

Deliverability Assessment Methodology Issue Paper Neil Millar Executive Director, Infrastructure

Deliverability Assessment Methodology Issue Paper Neil Millar Executive Director, Infrastructure Development Generation Deliverability Assessment Methodology Issue Paper Stakeholder Call May 2, 2019 California ISO Public California ISO

498 views • 38 slides
Using a life cycle assessment methodology for the analysis of two treatment systems of

Using a life cycle assessment methodology for the analysis of two treatment systems of

Using a life cycle assessment methodology for the analysis of two treatment systems of food-processing industry wastewaters L. Maya-Altamira* , A.Baun*, M.Hauschild** and J.E.Schmidt* *Institute of Environment &amp; Resources, DTU **Department

189 views • 16 slides
KOi + Credit Management Assessment KOi+ - Methodology Assessment of the quality of the

KOi + Credit Management Assessment KOi+ - Methodology Assessment of the quality of the

KOi + Credit Management Assessment KOi+ - Methodology Assessment of the quality of the credit management process, based on best practices 200 statements on the quality of the credit management process Scoring and discussion

695 views • 6 slides
The Delphi methodology and other impact assessment methodologies: Opportunities and challenges

The Delphi methodology and other impact assessment methodologies: Opportunities and challenges

The Delphi methodology and other impact assessment methodologies: Opportunities and challenges for standardisation and regulation bodies in the telecommunication sector Dr. Knut Blind Adjusting Forecasting Methods to the Needs of the

458 views • 31 slides
An introduction to a generic Health Impact Assessment Methodology Debbie Abrahams,

An introduction to a generic Health Impact Assessment Methodology Debbie Abrahams,

An introduction to a generic Health Impact Assessment Methodology Debbie Abrahams, International Health Impact Assessment Consortium, University of Liverpool Presentation Overview Overview of HIA procedure and methods Examples

471 views • 33 slides

More recommend