Generic Side-Channel Distinguishers: Improvements and Limitations - - PowerPoint PPT Presentation



SLIDE 1

Side-Channel Cryptanalysis Models and Dependencies New Generic Test Experiments Conclusions

Generic Side-Channel Distinguishers: Improvements and Limitations

N. Veyrat-Charvillon and F-X. Standaert

UCL Crypto Group, Université catholique de Louvain

CRYPTO 2011, August 16

1/ 22

SLIDE 2

Evaluating Implementations With DPA Attacks

[Figure: DPA framework. Device side: from plaintext P and key k the device computes the intermediate value V_{s,P} (s being the correct subkey) and leaks Y_{k,P}. Adversary side: for each key candidate j it predicts V_{j,P}, models it as X_{j,P}, and the dependency test between X_{j,P} and the leakage yields a score D_j, used to decide whether j = s.]

Main ingredients: leakage model & dependency test

SLIDE 3


[Figure: example measurement traces, left panel "Power measurement", right panel "EM measurement"; sample index on the x-axis, amplitude on the y-axis]

SLIDE 5

Ingredient 1: Leakage Models

Two adversarial scenarios:

Profiled case: preliminary estimation of the leakage pdf
  • Gaussian distribution
  • Mixture model
  • . . .

Non-profiled case: assumption on the leakage pdf (based on engineering intuition)
  • Hamming weight/distance
  • Linear (or quadratic, . . . ) function of bits
  • Identity function
  • . . .

SLIDE 6

Ingredient 2: Dependency Test

Different adversarial choices depending on:

  • Number of samples used: univariate or multivariate
  • Moment of the pdf exploited: mean, variance, . . .
  • Type of dependency tested: linear, monotonic, . . .

SLIDE 7

Existing Tests: Efficiency vs. Genericity

Test                       Samples        Moment        Dependency tested
Pearson correlation        univariate     mean          linear                 (most efficient)
Spearman correlation       univariate     mean          monotonic
Least Square Regression    multivariate   mean          MV (multivariate) linear
Mutual information         multivariate   all moments   any dependency         (most generic)

(ordered from efficient at the top to generic at the bottom)

SLIDE 8

Additional Concern: Choice of Parameters

e.g. number of histogram bins (or kernel bandwidth, number of mixture components)

SLIDE 9

Open questions

Question 1: can we design a generic side-channel distinguisher that is free of parameters?

Question 2: can we evaluate side-channel attacks with non-profiled distinguishers only?

SLIDE 10

Our Contributions

w.r.t. question 1, a new distinguisher based on:

  1 leakage space reduction through copulas
  2 dimensionality reduction using spacings
  3 non-parametric uniformity test

w.r.t. question 2, empirical evaluations showing:

  1 the efficiency of the new generic test
  2 the necessity of profiled security evaluations

SLIDE 11

The new distinguisher

SLIDE 12

Tool 1: Leakage Space Reduction

[Figure: left, the marginal leakage distribution Pr[Y = y] together with the conditional distributions for X_{j,P} = 0 and X_{j,P} = 1; middle, the empirical cumulant F̂_Y(y); right, the projected distribution Pr[Z = z], which is flat on [0, 1]]

Empirical cumulant copula: z = F̂_Y(y)

  + Cumulants are easier to estimate than pdfs
  + Projected marginal distribution is uniform

SLIDE 13

Tool 2: Leakage Partition and Distance Sampling

[Figure: histograms Pr[U = u] of the sampled distances u in [0, 1], one for the correct key and one for a wrong key]

  + Wrong key candidates should behave like uniform
  + All model values contribute to the estimation

SLIDE 14

Tool 3: Smoothing and Evaluation

[Figure: three distributions Pr[U = u] over u in [0, 1]: the theoretical distribution, the correct key and a wrong key]

  + No parameters
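As an added illustration (not code from the paper or its authors), the following Python block walks through the three tools of slides 12 to 14 in the univariate case on constructed traces. It assumes the public PRESENT 4-bit S-box as the target, Hamming-weight model values for the partition, pairwise distances inside each partition as the "distance sampling" step, and a Kolmogorov-Smirnov comparison against the theoretical distribution of |Z1 - Z2| for two uniforms as the parameter-free evaluation; the exact distance and test statistic of the paper may differ. A Pearson/HW attack is included so the efficiency-vs-genericity point of slides 7 and 19 can be seen on the same data: both recover the key under Hamming-weight leakage, while only the generic test does under a constructed non-monotonic leakage.

```python
# Added illustration for this page (not the paper's code): the three tools
# of the new distinguisher in the univariate case, next to a Pearson/HW
# attack for contrast. Trace data is constructed; the pairwise-distance
# statistic and the KS-style comparison are this example's choices.
import random
from itertools import combinations

# PRESENT 4-bit S-box (public constant), used only as a small nonlinear target.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def hamming_weight(x):
    return bin(x).count("1")

def hw_leak(v):
    """Leakage that is linear in the bits: the Hamming weight itself."""
    return float(hamming_weight(v))

def bowl_leak(v):
    """Constructed non-monotonic leakage, symmetric around HW = 2, hence
    uncorrelated with the Hamming weight (a stand-in for a highly
    non-linear leakage function)."""
    return float((hamming_weight(v) - 2) ** 2)

def simulate_traces(key, leak_fn, n_traces=400, sigma=0.5, seed=1234):
    """Constructed traces: leakage = leak_fn(S(p ^ key)) + Gaussian noise."""
    rng = random.Random(seed)
    plaintexts = [rng.randrange(16) for _ in range(n_traces)]
    leakages = [leak_fn(SBOX[p ^ key]) + rng.gauss(0.0, sigma) for p in plaintexts]
    return plaintexts, leakages

def copula_transform(values):
    """Tool 1: replace each sample by its empirical cumulant z = F_Y(y).
    Ranks are placed at (rank + 0.5) / n, so the marginal of z is uniform
    on (0, 1) whatever the original leakage pdf looked like."""
    n = len(values)
    order = sorted(range(n), key=values.__getitem__)
    z = [0.0] * n
    for rank, idx in enumerate(order):
        z[idx] = (rank + 0.5) / n
    return z

def distance_cdf(u):
    """CDF of |Z1 - Z2| for two independent uniforms on (0, 1): the reference
    that the distances of a wrong key candidate should follow."""
    return 1.0 - (1.0 - u) ** 2

def ks_statistic(samples, cdf):
    """Kolmogorov-Smirnov distance between the empirical CDF of `samples`
    and the reference `cdf`; no bins, bandwidth or other parameter."""
    xs = sorted(samples)
    n = len(xs)
    worst = 0.0
    for i, x in enumerate(xs):
        ref = cdf(x)
        worst = max(worst, abs((i + 1) / n - ref), abs(i / n - ref))
    return worst

def generic_score(z, plaintexts, key_guess):
    """Tools 2 and 3 for one key hypothesis: partition the transformed
    samples by the predicted model value HW(S(p ^ j)), sample the distances
    between samples of the same partition, and measure how far they sit
    from the uniform reference. Every partition (model value) contributes."""
    partitions = {}
    for zi, p in zip(z, plaintexts):
        partitions.setdefault(hamming_weight(SBOX[p ^ key_guess]), []).append(zi)
    distances = [abs(a - b) for group in partitions.values()
                 for a, b in combinations(group, 2)]
    return ks_statistic(distances, distance_cdf)

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5

def cpa_score(plaintexts, leakages, key_guess):
    """Specific distinguisher for contrast: Pearson correlation, HW model."""
    model = [hw_leak(SBOX[p ^ key_guess]) for p in plaintexts]
    return abs(pearson(model, leakages))

def best_key(score_fn):
    """Rank the 16 candidates by a score function and return the top one."""
    scores = {j: score_fn(j) for j in range(16)}
    return max(scores, key=scores.get)

def attack(plaintexts, leakages):
    """Return (generic test's best key, CPA's best key) on the same traces."""
    z = copula_transform(leakages)
    generic = best_key(lambda j: generic_score(z, plaintexts, j))
    cpa = best_key(lambda j: cpa_score(plaintexts, leakages, j))
    return generic, cpa

if __name__ == "__main__":
    for name, fn in (("HW leakage", hw_leak), ("bowl leakage", bowl_leak)):
        print(name, "-> (generic, CPA):", attack(*simulate_traces(0xB, fn)))
```

Running the block prints the best guess of each distinguisher for the two leakage functions. The 2D case on the following slides replaces the scalar |z1 - z2| by the distance between points of the unit square, with its own reference distribution; that extension is not implemented here.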

SLIDE 15

2D case: Leakage Space Reduction

[Figure: bivariate leakage distribution Pr[Y = y] over (y1, y2), with the clusters for Hamming weight = 1 and Hamming weight = 6, and its image under the copula transform (F̂_{Y1}(y), F̂_{Y2}(y))]

  + Copula transform preserves multivariate dependencies

SLIDE 16

2D case: Leakage Partition and Distance Sampling

[Figure: histograms Pr[U = u] of the sampled distances, one for the correct key and one for a wrong key]

  + Univariate pdf of a multidimensional distance

SLIDE 17

2D case: Smoothing and Evaluation

[Figure: Pr[U = u] for the theoretical distribution, the correct key and a wrong key]

SLIDE 18

Experimental Results

SLIDE 19

Univariate Hamming Weight Leakages

[Plot: success rate (0.0 to 1.0) against number of messages (10 to 80) for four distinguishers: Correlation with HW model, LSR with linear basis, MIA with HW model, New test with HW model]

  • Specific distinguishers are more efficient

SLIDE 20

Hamming Weight Leakage, Bivariate Dependency

[Plot: success rate (0.0 to 1.0) against number of messages (500 to 3000) for MIA with HW model and New test with HW model]

  • New test exploits samples efficiently (compared to MIA)

SLIDE 21

CMOS 65 nm Measurements, Bivariate Dependency

[Plot: success rate (0.0 to 1.0) against number of messages (1000 to 5000) for MIA with 7-bit model, New test with 7-bit model, MIA with clusters, New test with clusters]

  • Leakage model hard to infer from engineering intuition

SLIDE 22

Dual-Rail Simulations, Univariate Dependency

[Plot: success rate (0.0 to 1.0) against number of messages (20 to 100) for Correlation with HW model, LSR with linear basis, New test with clusters, MIA with clusters]

  • Non-linear leakage functions can be exploited

SLIDE 23

Dual-Rail Simulations, Bivariate Dependency

[Plot: success rate (0.0 to 1.0) against number of messages (1000 to 5000) for New test with clusters, MIA with clusters, and a bivariate template attack]

  • Profiling is needed to evaluate protected implementations

SLIDE 24

Conclusions

1 SCAs = efficiency vs. genericity tradeoff
  ('simple' dependencies are easier to exploit)
  New generic test completely free of parameters

2 Profiling is needed for security evaluations
  Dependency tests can be generic . . . but not leakage models (so far)
  (Eurocrypt 2009 evaluation framework)

Open question: do highly non-linear leakage functions exist in practice? (or can non-linearity be used as a design criterion)
