leakage assessment methodology
play

Leakage Assessment Methodology - a clear roadmap for side-channel - PowerPoint PPT Presentation

Feb 26, 2024 •325 likes •1.15k views

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Wednesday, September 16 th , 2015 Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 2

  1. Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Wednesday, September 16 th , 2015

  2. Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 2

  3. Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 3

  4. Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 4

  5. Motivation Security Evaluation Does the chip leak information? Problem: Evaluation is not trivial. Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 5

  6. Motivation Security Evaluation Does the chip leak information? Problem: Evaluation is not trivial. Non-Invasive Attack Testing Workshop, 2011 Goal: Establish testing methodology capable of robustly assessing the physical vulnerability of cryptographic devices. Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 6

  7. Motivation Attack-based Testing Perform state-of-the-art attacks on the device under test (DUT) Attacks Intermediate Leakage Types: Values: Models: • DPA • Sbox In • HW × × • CPA • Sbox Out • HD • MIA • Sbox In/Out • Bit • … • … • … Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 7

  8. Motivation Attack-based Testing Perform state-of-the-art attacks on the device under test (DUT) Attacks Intermediate Leakage Types: Values: Models: • DPA • Sbox In • HW × × • CPA • Sbox Out • HD • MIA • Sbox In/Out • Bit • … • … • … Problems: • High computational complexity • Requires lot of expertise • Does not cover all possible attack vectors Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 8

  9. Motivation Testing based on t -Test Tries to detect any type of leakage at a certain order • Proposed by CRI at NIST workshop Advantages: • Independent of architecture • Independent of attack model • Fast & simple • Versatile Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 9

  10. Motivation Testing based on t -Test Tries to detect any type of leakage at a certain order • Proposed by CRI at NIST workshop Advantages: • Independent of architecture • Independent of attack model • Fast & simple • Versatile Problems: • No information about hardness of attack • Possible false positives if no care about evaluation setup Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 10

  11. Contribution 1. Explain statistical background in a (hopefully) more understandable way 2. More detailed discussion of higher-order testing 3. Hints how to design fast & correct measurement setup 4. Optimization of analysis phase Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 11

  12. Statistical Background • t -Test Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 12

  13. Statistical Background t -Test Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 13

  14. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 14

  15. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 Null Hypothesis: Two population means are equal. Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 15

  16. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 16

  17. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 𝜈 1 𝜈 0 Sample mean: 2 2 𝑡 1 𝑡 0 Sample variance: 𝑜 1 𝑜 0 Sample size: Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 17

  18. Statistical Background t -Test Sample 𝑅 0 Sample 𝑅 1 𝜈 1 𝜈 0 Sample mean: 2 2 𝑡 1 𝑡 0 Sample variance: 𝑜 1 𝑜 0 Sample size: 2 2 2 𝑜 0 + 𝑡 1 𝑡 0 𝑜 1 t = 𝜈 0 − 𝜈 1 v = 𝑢 -test statistic Degree of freedom 2 2 2 2 𝑡 0 𝑡 1 2 2 𝑜 0 + 𝑡 1 𝑡 0 𝑜 0 𝑜 1 𝑜 1 𝑜 0 − 1 + 𝑜 1 − 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 18

  19. Statistical Background t -Test 𝑢 𝑤 Γ 𝑤 + 1 −𝑤+1 1 + 𝑢 2 2 Estimate the probability to accept null 2 𝑔 𝑢, 𝑤 = 𝜌𝑤 Γ 𝑤 hypothesis with Student’s 𝑢 distribution: 𝑤 2 ∞ 𝑞 = 2 𝑔 t, v 𝑒𝑢 Compute: |𝑢| Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 19

  20. Statistical Background t -Test 𝑢 𝑤 Γ 𝑤 + 1 −𝑤+1 1 + 𝑢 2 2 Estimate the probability to accept null 2 𝑔 𝑢, 𝑤 = 𝜌𝑤 Γ 𝑤 hypothesis with Student’s 𝑢 distribution: 𝑤 2 ∞ 𝑞 = 2 𝑔 t, v 𝑒𝑢 Compute: |𝑢| Small 𝑞 values give evidence to reject the null hypothesis Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 20

  21. Statistical Background t -Test  For testing usually only the 𝑢 -value is estimated  Compared to a threshold of t > 4.5 • 𝑞 = 2𝐺 −4.5, 𝑤 > 1000 < 0.00001 • Confidence of > 0.99999 to reject the null hypothesis Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 21

  22. Testing Methodology Specific 𝒖 -Test • • Non-Specific t -Test Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 22

  23. Testing Methodology Specific t -Test Measurements 𝑈 𝑗 With Associated Data 𝐸 𝑗 Specific t -Test:  Key is known to enable correct partitioning  Test is conducted at each sample point separately (univariate)  If corresponding 𝑢 -test exceeds threshold ⇒ DPA probable Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 23

  24. Testing Methodology Specific t -Test Measurements 𝑈 𝑗 𝑢𝑏𝑠𝑕𝑓𝑢 𝑐𝑗𝑢 𝐸 𝑗 = 0 With Associated Data 𝐸 𝑗 𝑅 0 Specific t -Test:  Key is known to enable correct partitioning  Test is conducted at each sample point separately (univariate)  If corresponding 𝑢 -test exceeds threshold ⇒ DPA probable Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 24

  25. Testing Methodology Specific t -Test Measurements 𝑈 𝑗 𝑢𝑏𝑠𝑕𝑓𝑢 𝑐𝑗𝑢 𝐸 𝑗 = 0 𝑢𝑏𝑠𝑕𝑓𝑢 𝑐𝑗𝑢 𝐸 𝑗 = 1 With Associated Data 𝐸 𝑗 𝑅 0 𝑅 1 Specific t -Test:  Key is known to enable correct partitioning  Test is conducted at each sample point separately (univariate)  If corresponding 𝑢 -test exceeds threshold ⇒ DPA probable Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 25

  26. Testing Methodology Non-Specific t -Test Non-Specific t -Test:  fixed vs. random t -test  Avoids being dependent on any intermediate value/model  Detected leakage of single test is not always exploitable  Semi-fixed vs. random t- test useful in certain cases Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 26

  27. Testing Methodology Non-Specific t -Test Non-Specific t -Test:  fixed vs. random t -test  Avoids being dependent on any intermediate value/model  Detected leakage of single test is not always exploitable  Semi-fixed vs. random t- test useful in certain cases Measurements 𝑈 𝑘 With Fixed Associated Data D 𝑅 0 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 27

  28. Testing Methodology Non-Specific t -Test Non-Specific t -Test:  fixed vs. random t -test  Avoids being dependent on any intermediate value/model  Detected leakage of single test is not always exploitable  Semi-fixed vs. random t- test useful in certain cases Measurements 𝑈 Measurements 𝑈 𝑗 𝑘 With Random With Fixed Associated Data D 𝑗 Associated Data D 𝑅 0 𝑅 1 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 28

  29. Higher-Order Testing • Multivariate • Univariate Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 29

  30. Higher-Order Testing Multivariate Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 30

  31. Higher-Order Testing Multivariate 𝑇 1 Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 31

  32. Higher-Order Testing Multivariate 𝑇 1 𝑇 2 Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 32

  33. Higher-Order Testing Multivariate 𝑇 1 𝑇 2 Multivariate:  Sensitive variable is shared: 𝑇 = 𝑇 1 ∘ 𝑇 2  Shares are processed at different time instances (SW)  Leakages at different time instances need to be combined first Centered Product: 𝑦′ = 𝑦 1 − 𝜈 1 ⋅ 𝑦 2 − 𝜈 2 Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 33

  34. Higher-Order Testing Univariate 𝑇 1 𝑇 2 Univariate:  Shares are processed in parallel (HW)  Leakages at the same time instance need to be combined first Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015 Tobias Schneider &amp; Amir Moradi Ruhr-Universitt Bochum Embedded Security Group Outline Motivation Statistical Background Testing

461 views • 43 slides
An assessment of carbon leakage in the light of the COP-15 pledges. L. Paroussos., P.

An assessment of carbon leakage in the light of the COP-15 pledges. L. Paroussos., P.

An assessment of carbon leakage in the light of the COP-15 pledges. L. Paroussos., P. Karkatsoulis, K. Fragiadakis, P. Capros E3MLab/NTUA WIOD FP7 Research Project April 2012 1 Overview Modelling methodology and calibration of a

606 views • 26 slides
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Friday, September 11 th , 2015 Motivation Physical Attacks &amp; Countermeasures input output input output Timing, Power, EM,

746 views • 47 slides
NAC Assessment Criteria, Methodology and Covid-19 Compliance 1 ASSESSMENT CRITERIA CHANGE The

NAC Assessment Criteria, Methodology and Covid-19 Compliance 1 ASSESSMENT CRITERIA CHANGE The

NAC Assessment Criteria, Methodology and Covid-19 Compliance 1 ASSESSMENT CRITERIA CHANGE The purpose of this presentation is to outline alterations to the criteria and methodology for application assessment by programme panel members to

626 views • 10 slides
Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional

Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional

Digital Leakage Today Analog and Digital Leakage LTE interference Kendall Robinson Regional Account Director Arcom Digital &lt; HOME Digital Leakage Outline Digital Leakage Traditional Leakage LTE Ingress and Egress issues

877 views • 68 slides
Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

SAC Summer School 2019 Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions allow us to prove that our schemes achieve a certain leakage profile but doesnt tell us if a leakage profile is

477 views • 22 slides
Deliverability Assessment Methodology Straw Proposal Paper Deliverability Assessment Methodology

Deliverability Assessment Methodology Straw Proposal Paper Deliverability Assessment Methodology

Deliverability Assessment Methodology Straw Proposal Paper Deliverability Assessment Methodology Straw Proposal Paper Stakeholder Meeting August 5, 2019 California ISO Public California ISO Public Agenda Time Item 9:00-9:30 Welcome and

545 views • 53 slides
Deliverability Assessment Methodology Draft Final Proposal Paper Deliverability Assessment

Deliverability Assessment Methodology Draft Final Proposal Paper Deliverability Assessment

Deliverability Assessment Methodology Draft Final Proposal Paper Deliverability Assessment Methodology Straw Proposal Paper Stakeholder Meeting October 4, 2019 California ISO Public California ISO Public Introduction Neil Millar Executive

789 views • 54 slides
Experimental Assessment of Experimental Assessment of p Brine and/or CO2 Leakage Brine and/or

Experimental Assessment of Experimental Assessment of p Brine and/or CO2 Leakage Brine and/or

Experimental Assessment of Experimental Assessment of p Brine and/or CO2 Leakage Brine and/or CO2 Leakage Th Through Well Cements at Through Well Cements at Th h W ll C h W ll C t t t t Reservoir Conditions Reservoir Conditions

737 views • 35 slides
Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1:

Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1:

SAC Summer School 2019 Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1: ORAM simulation Store and simulate data structure with ORAM General-purpose Zero-leakage (if data is transformed

1.29k views • 60 slides
Fast leakage assessment Oscar Reparaz COSIC / KU Leuven Benedikt Gierlichs CHES 2017 Taipei

Fast leakage assessment Oscar Reparaz COSIC / KU Leuven Benedikt Gierlichs CHES 2017 Taipei

Fast leakage assessment Oscar Reparaz COSIC / KU Leuven Benedikt Gierlichs CHES 2017 Taipei (Taiwan) 2017-09-26 Ingrid Verbauwhede 1 an empirical approach to test device security Enumerate all attacks, check if any is successful

359 views • 31 slides
Pressure Optimisation Introduction Why carry out Pressure Optimisation How and Who

Pressure Optimisation Introduction Why carry out Pressure Optimisation How and Who

Pressure Optimisation Introduction Why carry out Pressure Optimisation How and Who Methodology Modelling input Leakage saving assessment Scope of the project Case Study Sale Manchester Why pressure

540 views • 14 slides
The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water

The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water

The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water leakage can occur . To prevent leakage-related damages it sends an alert whenever water is detected. The device also visualizes its status on the online

234 views • 10 slides
The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P.

The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P.

The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P. Chung, Steven Han, Wenke Lee College of Computing Georgia Institute of Technology Outline Background &amp; Motivation Methodology

576 views • 34 slides
Carbon leakage: theory, evidence and policy PMR Webinar on Carbon Leakage John Ward November 24

Carbon leakage: theory, evidence and policy PMR Webinar on Carbon Leakage John Ward November 24

Carbon leakage: theory, evidence and policy PMR Webinar on Carbon Leakage John Ward November 24 and December 3, 2015 Vivid Economics Overview Definition Theory Evidence Addressing leakage Why? Which sectors? How? 2

408 views • 29 slides
LEAKAGE - RESILIENT PUBLIC - KEY ENCRYPTION FROM OBFUSCATION Dana Dachman-Soled, S. Dov

LEAKAGE - RESILIENT PUBLIC - KEY ENCRYPTION FROM OBFUSCATION Dana Dachman-Soled, S. Dov

LEAKAGE - RESILIENT PUBLIC - KEY ENCRYPTION FROM OBFUSCATION Dana Dachman-Soled, S. Dov Gordon, Feng-Hao Lui, Adam, ONeill, and Hong-Sheng Zhou O UTLINE OF T ALK Leakage Models for PKE Bounded, Continual, and Continual w/ Leakage on

1.05k views • 102 slides
Using ASTM E2128 Standard Guide for Evaluating Leakage of Building Walls Robert Kudder, PhD,

Using ASTM E2128 Standard Guide for Evaluating Leakage of Building Walls Robert Kudder, PhD,

Using ASTM E2128 Standard Guide for Evaluating Leakage of Building Walls Robert Kudder, PhD, S.E., FASTM Raths, Raths &amp; Johnson, Inc BEC Detroit, October 14, 2014 Background ! 1986 Alan Yorkdale and James Gross gathered professionals

1.13k views • 41 slides
5/3/2019 1. Framework 2. User involvement and Partnerships 3. Early Literacy And Play 4. Maker

5/3/2019 1. Framework 2. User involvement and Partnerships 3. Early Literacy And Play 4. Maker

5/3/2019 1. Framework 2. User involvement and Partnerships 3. Early Literacy And Play 4. Maker Culture and Co-creation 5. Misinformation and Trust Building The Future(s) Of Libraries 6. Social Challenges and Equity And Library Work 7.

658 views • 26 slides
Municipal Solar: Taking the lead on a growing renewable movement. Presented by Greg Winks &amp;

Municipal Solar: Taking the lead on a growing renewable movement. Presented by Greg Winks &amp;

Municipal Solar: Taking the lead on a growing renewable movement. Presented by Greg Winks &amp; Will Brown Solbridge Energy Advisors CHANGING THE WAY YOU GO SOLAR! -Independent consulting and brokerage for solar &amp; renewables -Independent

179 views • 14 slides
Implementation of Personalised Medicine through Open Innovation in Science Juergen Busch , LBG

Implementation of Personalised Medicine through Open Innovation in Science Juergen Busch , LBG

2nd ICPerMed Workshop 'Best Practice in Personalised Medicine' Recognition 2019 Personalised Medicine for All Citizens and Patients within Sustainable Implementation Madrid, 05 November 2019 Establishment of Interdisciplinary &amp;

239 views • 8 slides
Evolution of Hydrostatic Leak Detection Ronnie Little, rlittle@rmudata.com , 281-743-2033 SPL

Evolution of Hydrostatic Leak Detection Ronnie Little, rlittle@rmudata.com , 281-743-2033 SPL

5/22/2018 Evolution of Hydrostatic Leak Detection Ronnie Little, rlittle@rmudata.com , 281-743-2033 SPL Leak Detection IN THE BEGINNING According to PHMSA, hydrostatic testing for pipelines began in the 1940s. MADE MANDATORY in

496 views • 12 slides
Idaho Department of Environmental Quality Rules for Ore Processing by Cyanidation, IDAPA

Idaho Department of Environmental Quality Rules for Ore Processing by Cyanidation, IDAPA

Idaho Department of Environmental Quality Rules for Ore Processing by Cyanidation, IDAPA 58.01.13 Overview Comment summary Draft rule revisions Next steps Idaho Department of Environmental Quality Comment Summary Bryan

687 views • 13 slides
The value of leak testing in preventing hydraulic fluid leaks NFPA Milwaukee Regional Meeting

The value of leak testing in preventing hydraulic fluid leaks NFPA Milwaukee Regional Meeting

The value of leak testing in preventing hydraulic fluid leaks NFPA Milwaukee Regional Meeting Milwaukee School Of Engineering (MSOE) September 27, 2016 Thomas Braun, VP Product Development Fastest Incorporated www.fastestinc.com 2015 NFPA

379 views • 17 slides
Lean in Healthcare Comes to Human Resources Lean Principles and How They Apply to Human

Lean in Healthcare Comes to Human Resources Lean Principles and How They Apply to Human

Lean in Healthcare Comes to Human Resources Lean Principles and How They Apply to Human Resources Sponsored by Lindalee A. Lawrence President Overview Lindalee Lawrence, President, Lawrence Associates, Lean Certified, on Overview,

1.07k views • 44 slides

More recommend