multi tuple leakage detection and the dependent signal
play

Multi-Tuple Leakage Detection and the Dependent Signal Issue - PowerPoint PPT Presentation

Feb 17, 2023 •381 likes •1.3k views

Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Multi-Tuple Leakage Detection and the Dependent Signal Issue Olivier Bronchain Tobias Schneider Fran cois-Xavier Standaert CHES 2019, Atlanta, USA Olivier Bronchain

  1. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Multi-Tuple Leakage Detection and the Dependent Signal Issue Olivier Bronchain Tobias Schneider Fran¸ cois-Xavier Standaert CHES 2019, Atlanta, USA Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 1 / 20

  2. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Table of Contents Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 2 / 20

  3. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Content Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 3 / 20

  4. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Side-Channel Issue Encryption on physical devices: ◮ Standard utilization P ’s Crypto C ’s Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 4 / 20

  5. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Side-Channel Issue Encryption on physical devices: ◮ Standard utilization P ’s Crypto C ’s ◮ But with any physical signals l ’s Physical Trace Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 4 / 20

  6. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Side-Channel Issue Encryption on physical devices: ◮ Standard utilization P ’s Crypto C ’s ◮ But with any physical signals ◮ Possibly containing secret information l ’s Physical Trace Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 4 / 20

  7. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Side-Channel Issue Encryption on physical devices: ◮ Standard utilization P ’s Crypto C ’s ◮ But with any physical signals ◮ Possibly containing secret information l ’s Physical Trace Side-channel Attacks: ◮ Known to be hard to prevent ◮ Hard to evaluate as well Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 4 / 20

  8. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Side-Channel Issue Encryption on physical devices: ◮ Standard utilization P ’s Crypto C ’s ◮ But with any physical signals ◮ Possibly containing secret information l ’s Physical Trace Two evaluation approaches: Side-channel Attacks: ◮ Attack based ◮ Known to be hard to prevent ◮ Leakage detection ◮ Hard to evaluate as well Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 4 / 20

  9. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Attack Based Evaluation = ? Can directly mount attacks: P ’s Crypto C ’s 1. Collect measurements l ’s Physical Trace Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 5 / 20

  10. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Attack Based Evaluation = ? Can directly mount attacks: P ’s Crypto C ’s 1. Collect measurements 2. Perform an attack l ’s Physical Trace Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 5 / 20

  11. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Attack Based Evaluation = ? Can directly mount attacks: P ’s Crypto C ’s 1. Collect measurements 2. Perform an attack 3. Retrieve the correct sub-key l ’s Physical Trace Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 5 / 20

  12. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Attack Based Evaluation = ? Can directly mount attacks: P ’s Crypto C ’s 1. Collect measurements 2. Perform an attack 3. Retrieve the correct sub-key l ’s This requires: Physical Trace 1. Long measurement period 2. Skilled/expert knowledge 3. Distinguish 1 sub-key within 256 Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 5 / 20

  13. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Based Evaluation Leakage detection searches for dependency between manipulated data and physical traces. Crypto Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 6 / 20

  14. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Based Evaluation Leakage detection searches for dependency between manipulated data and physical traces. 1 or 2 ◮ Feed the core with two different sets of inputs P 1 or P 2 Crypto C 1 or C 2 Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 6 / 20

  15. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Based Evaluation Leakage detection searches for dependency between manipulated data and physical traces. 1 or 2 ◮ Feed the core with two different sets of inputs P 1 or P 2 Crypto C 1 or C 2 ◮ Record the corresponding traces Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 6 / 20

  16. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Based Evaluation Leakage detection searches for dependency between manipulated data and physical traces. 1 or 2 ◮ Feed the core with two different sets of inputs P 1 or P 2 Crypto C 1 or C 2 ◮ Record the corresponding traces ◮ Observe differences between the two sets Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 6 / 20

  17. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Based Evaluation Leakage detection searches for dependency between manipulated data and physical traces. How does it compare with attack based 1 or 2 evaluations: ◮ Shortened measurement period (Possibly) P 1 or P 2 Crypto C 1 or C 2 ◮ No skilled/expert knowledge Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 6 / 20

  18. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Based Evaluation Leakage detection searches for dependency between manipulated data and physical traces. How does it compare with attack based 1 or 2 evaluations: ◮ Shortened measurement period (Possibly) P 1 or P 2 Crypto C 1 or C 2 ◮ No skilled/expert knowledge A good first check but: ◮ Risk of false positives and false negatives Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 6 / 20

  19. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Content Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 7 / 20

  20. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

  21. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: 1. Select a point in time . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

  22. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: 1. Select a point in time 2. Record traces to observe a distribution Distributions . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

  23. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: 1. Select a point in time 2. Record traces to observe a distribution Distributions 3. Perform a statistical test Statistical Test . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

  24. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: 1. Select a point in time 2. Record traces to observe a distribution Distributions 3. Perform a statistical test 4. Observe its binary output Statistical Test No difference found . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

  25. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: 1. Select a point in time 2. Record traces to observe a distribution Distributions 3. Perform a statistical test 4. Observe its binary output Statistical Test Repeat with more measurements if needed No difference found . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

  26. Introduction Leakage Detection Multi-Tuple Leakage Detection Conclusion Leakage Detection Find a difference between the two sets: 1. Select a point in time 2. Record traces to observe a distribution Distributions 3. Perform a statistical test 4. Observe its binary output Statistical Test Repeat with more measurements if needed Difference found . Olivier Bronchain Multi-Tuple Leakage Detection and the Dependent Signal Issue 8 / 20

Recommend

Applying Signal Detection Theory to Multi-Level Modeling: When Accuracy Isn't Always

Applying Signal Detection Theory to Multi-Level Modeling: When Accuracy Isn't Always

Applying Signal Detection Theory to Multi-Level Modeling: When Accuracy Isn't Always Accurate December 5 th , 2011 Scott Fraundorf & Jason Finley Outline Why do we need SDT? Sensitivity vs. Response Bias Example SDT

941 views • 59 slides
A Signal Processing Approach to the Detection of Pulmonary Edema EEE24B Nicole Lim Sze Ting Dr

A Signal Processing Approach to the Detection of Pulmonary Edema EEE24B Nicole Lim Sze Ting Dr

A Signal Processing Approach to the Detection of Pulmonary Edema EEE24B Nicole Lim Sze Ting Dr Ser Wee Pulmonary Edema the accumulation of excess fluid in the lungs Accuracy dependent on clinician's experience Limitations of Costly,

666 views • 54 slides
Lecture 10 Pulses Chapter 8 and 9 Detection of a Binary Signal Detection of a Binary Wave-

Lecture 10 Pulses Chapter 8 and 9 Detection of a Binary Signal Detection of a Binary Wave-

Lecture 10 Prior and Posterior Distribu- tions Methods of Coded Modulation Nyquist Lecture 10 Pulses Chapter 8 and 9 Detection of a Binary Signal Detection of a Binary Wave- Optics Signal 1 ECE243b Lightwave Communications -

617 views • 25 slides
Pipeline Surveillance and Leakage Detection Systems with IoT and UAV Presented by: Ukachi

Pipeline Surveillance and Leakage Detection Systems with IoT and UAV Presented by: Ukachi

AFRICAN UNIVERSITY OF SCIENCE AND TECHNOLOGY, ABUJA Pipeline Surveillance and Leakage Detection Systems with IoT and UAV Presented by: Ukachi Osisiogu Objectives KEY DISCUSSIONS Introduction - Background and Significance of Project Brief

1.11k views • 19 slides
Psychophysics & Signal Detection Theory Jonathan Pillow Perception (PSY 345 / NEU 325)

Psychophysics & Signal Detection Theory Jonathan Pillow Perception (PSY 345 / NEU 325)

Psychophysics & Signal Detection Theory Jonathan Pillow Perception (PSY 345 / NEU 325) Princeton University, Spring 2019 Lec. 3 Chapter 1 1 Outline for today: Stephens power law psychophysics Signal Detection Theory 2

667 views • 24 slides
Detection of process-dependent changes in Hf (1-x) Si x O 2 /Si(100) barrier heights by Second

Detection of process-dependent changes in Hf (1-x) Si x O 2 /Si(100) barrier heights by Second

Conference on Laser and Electro-Optics May 7 th , 2008 Detection of process-dependent changes in Hf (1-x) Si x O 2 /Si(100) barrier heights by Second Harmonic Generation Jimmy Price, Yongqiang An, and Michael C. Downer Physics Dept., University

104 views • 6 slides
Phase and Frequency detection Detection of sinusoidal signal characteristics Phase

Phase and Frequency detection Detection of sinusoidal signal characteristics Phase

Phase and Frequency detection Detection of sinusoidal signal characteristics Phase Frequency Usually involves some type of feedback. Typically use a local oscillator (DDS) for a comparison. The Analogy PLL The digital World

374 views • 26 slides
Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Methods

Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Methods

Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Methods Keng-Shih Lu and Antonio Ortega October 22, 2019 Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Metho K. Lu and A.

575 views • 35 slides
Parallel Nested Loops For each tuple s i in S For each tuple t j in T If s i =t j ,

Parallel Nested Loops For each tuple s i in S For each tuple t j in T If s i =t j ,

9/15/2011 Parallel Nested Loops For each tuple s i in S For each tuple t j in T If s i =t j , then add (s i ,t j ) to output Create partitions S 1 , S 2 , T 1 , and T 2 Have processors work on (S 1 ,T 1 ), (S 1 ,T 2 ), (S 2 ,T 1

329 views • 13 slides
Direct Detection of Dark Matter - Signal or No Signal? - The Best Way Forward Rick Gaitskell

Direct Detection of Dark Matter - Signal or No Signal? - The Best Way Forward Rick Gaitskell

Direct Detection of Dark Matter - Signal or No Signal? - The Best Way Forward Rick Gaitskell (gaitskell@brown.edu) Co-Spokesperson, LUX Collaboration Particle Astrophysics Group, Brown University, Department of Physics (Supported by US

766 views • 32 slides
A differential equation model for multi-class, multi-server queue networks with time dependent

A differential equation model for multi-class, multi-server queue networks with time dependent

SANUM Conference March 2016 A differential equation model for multi-class, multi-server queue networks with time dependent parameters. Emma Gibson Prof SE Visagie Operations Research Division, Department of Logistics, Stellenbosch University

562 views • 44 slides
Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional

Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional

Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional Account Director Arcom Digital < HOME Digital Leakage Outline Digital Leakage Traditional Leakage LTE Ingress and Egress issues

877 views • 68 slides
F From STEM EELS to multi dimensional and STEM EELS t lti di i l d multi signal

F From STEM EELS to multi dimensional and STEM EELS t lti di i l d multi signal

Taipei, November 22, 2011 F From STEM EELS to multi dimensional and STEM EELS t lti di i l d multi signal electron microscopy Christian Colliex Laboratoire de Physique des Solides, Bldg 510 L b i d h i d S lid ld 10

842 views • 59 slides
Collaborative Signal Detection: Human-human and Human-computer teams Jason S. McCarley Ali

Collaborative Signal Detection: Human-human and Human-computer teams Jason S. McCarley Ali

Collaborative Signal Detection: Human-human and Human-computer teams Jason S. McCarley Ali Enright Megan Bartlett Signal d Detection Noise Signal p(evidence | N) or p(evidence | S+N) + Noise Theory Decision variable / Evidence d

297 views • 29 slides
Signal detection experience to date EMA / IFAH-Europe Info Day An agency of the European

Signal detection experience to date EMA / IFAH-Europe Info Day An agency of the European

Signal detection experience to date EMA / IFAH-Europe Info Day An agency of the European Union Presented by Jos Olaerts on 13 March 2015 Signal detection experience to date What is it? How is it done? Does it work? Whats next?

591 views • 33 slides
Simple Safety Monitoring with Signal Detection Magnus Mengelbier Director PhUSE 2009 1 Topics

Simple Safety Monitoring with Signal Detection Magnus Mengelbier Director PhUSE 2009 1 Topics

Simple Safety Monitoring with Signal Detection Magnus Mengelbier Director PhUSE 2009 1 Topics Introduction Case Profile Patient Profiles Safety Surveillance Signal Detection Signals Framework Summary

1.09k views • 22 slides
Detection of TR UWB signal in the presence of Narrowband Interference Yohannes Alemseged and

Detection of TR UWB signal in the presence of Narrowband Interference Yohannes Alemseged and

Detection of TR UWB signal in the presence of Narrowband Interference Yohannes Alemseged and Klaus Witrisal yohannes@sbox.tugraz.at . Signal Processing and Speech Communication Laboratory spsc.inw.tugraz.at Graz University of Technology,

512 views • 23 slides
Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

German Research Center for Artificial Intelligence GmbH Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party www.amiproject.org Conversations Conversations Feast, 30th September 2009 , 30th September

322 views • 28 slides
Routine signal detection and statistical tools on paediatrics Paediatric workshop 28 April

Routine signal detection and statistical tools on paediatrics Paediatric workshop 28 April

Routine signal detection and statistical tools on paediatrics Paediatric workshop 28 April 2014 Presented by: Cosimo Zaccaria Signal Management Pharmacovigilance Department An agency of the European Union How to im prove m onitoring

668 views • 31 slides
Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

SAC Summer School 2019 Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions allow us to prove that our schemes achieve a certain leakage profile but doesnt tell us if a leakage profile is

477 views • 22 slides
Data Assimilation and Detection in Multi-Sensor & Multi-Scale Environments N. Sri

Data Assimilation and Detection in Multi-Sensor & Multi-Scale Environments N. Sri

Data Assimilation and Detection in Multi-Sensor & Multi-Scale Environments N. Sri Namchchivaya Andrea Barreiro, Shanshan Liu, Kristjan Onu, Jun Park Pete Sauer, and Richard Sowers Department of Aerospace Engineering University of Illinois

379 views • 34 slides
BBBBBBBBBBBBBBBB Soft errors are: dependent on circuit inputs. dependent on the

BBBBBBBBBBBBBBBB Soft errors are: dependent on circuit inputs. dependent on the

BBBBBBBBBBBBBBBB Soft errors are: dependent on circuit inputs. dependent on the signal values on inputs to logic gates for example input of 01 has different probability of soft error relative to input of 10 to any of two-

625 views • 28 slides
Signal Processing General Introduction Based Intrusion Detection Using Several drawbacks to

Signal Processing General Introduction Based Intrusion Detection Using Several drawbacks to

Signal Processing General Introduction Based Intrusion Detection Using Several drawbacks to signature-based PCA detection Human intervention By Jeff Terrell Not adaptive; can't learn For COMP 290 - IDS - Spring 2005 Can be

360 views • 7 slides
Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model

Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model

Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model Sarvar Patel*, Giuseppe Persiano** and Kevin Yeo* *Google **University of Salerno Key k i was queried. Privacy-Preserving Storage Protocols Key k i

1.11k views • 81 slides

More recommend