2009
DOI: 10.1007/978-3-642-01001-9_26
|View full text |Cite
|
Sign up to set email alerts
|

A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks

Abstract: Abstract. The fair evaluation and comparison of side-channel attacks and countermeasures has been a long standing open question, limiting further developments in the field. Motivated by this challenge, this work makes a step in this direction and proposes a framework for the analysis of cryptographic implementations that includes a theoretical model and an application methodology. The model is based on commonly accepted hypotheses about side-channels that computations give rise to. It allows quantifying the ef… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
5

Citation Types

4
591
0

Year Published

2009
2009
2020
2020

Publication Types

Select...
5
5

Relationship

2
8

Authors

Journals

citations
Cited by 686 publications
(595 citation statements)
references
References 28 publications
4
591
0
Order By: Relevance
“…for modern smart cards. In this respect, profiled attacks are useful tools, since they can be used to approach their worst-case security level [24]. Such attacks essentially work in two steps: first a leakage model is estimated during a so-called profiling phase, then the leakage model is exploited to extract key-dependent information in an online phase.…”
Section: Introductionmentioning
confidence: 99%
“…for modern smart cards. In this respect, profiled attacks are useful tools, since they can be used to approach their worst-case security level [24]. Such attacks essentially work in two steps: first a leakage model is estimated during a so-called profiling phase, then the leakage model is exploited to extract key-dependent information in an online phase.…”
Section: Introductionmentioning
confidence: 99%
“…In the past few years cryptographers have made tremendous progress toward modeling security in the face of such information leakage [22,31], and in constructing leakage-resilient cryptosystems secure even in case such leakage occurs. (There has also been corresponding work on reducing unwanted leakage by, e.g., building tamper-proof hardware; this is not the focus of our work.)…”
Section: Introductionmentioning
confidence: 99%
“…By carefully profiling a probabilistic model for the physical leakages, such attacks offer a direct path towards Bayesian subkey testing procedures. Template attacks are optimal from an information theoretic point of view, which makes them a prime tool for the worst-case security evaluation of leaking devices [35]. However, they also correspond to strong adversarial assumptions that may not be met in practice.…”
Section: Introductionmentioning
confidence: 99%