This book offers the reader a formalization, characterization and quantification of the real threat level posed by side-channel leaks from devices implementing cryptography. It exploits the best mathematical tools for quantifying information leakage and characterizing leakage-based attacks. The two possible approaches are described in detail. This includes the optimal attack strategy that can be derived (in specific contexts) or generic bounds regarding data complexity that can be computed. The tone of this book is essentially mathematical. It aims to establish formal foundations for techniques that are otherwise used as engineering recipes in industrial laboratories or empirical intuitions for deriving security levels from practical implementations. It is a systematization of knowledge and a compilation of relevant tools relating to the practice of side-channel analysis on embedded systems.
This book provides an up-to-date and improved analysis and understanding of embedded devices that conceal secrets that can be extracted by an attacker. Typical attacks involve measuring the device’s power consumption or radiated electromagnetic field. As a source of noisy information, this correlates it with secrets and enabling these secrets to be retrieved. The attacker in some cases, can purchase a blank device from the same series and learn about its leakage, particularly how it relates to the secrets. This book also covers how such information can enhance hardware attacks deployed on another device.
Researchers and engineers working in the field of side-channel security for embedded systems and related countermeasures as well as hardware and software engineers focused on implementing cryptographic functionalities will want to purchase this book as a reference. Advanced-level students majoring in computer science and electrical engineering will find this book valuable as a secondary textbook.
Table of Content
Chapter 1 Introduction.- Chapter 2 Basics and Preliminaries.- part 1 attacks.- Chapter 3 Attacks on Unprotected Devices.- Chapter 4 Attacks on Protected Devices.- part-II Evalautaion.- Chapter 5 Information-Theoretic Evaluation.- Chapter 6 Coding-Theoretic Formalization and Evaluation.- Chapter 7 Information Theoretic Bounds on the Evaluation of Attacks.
About the author
Wei CHENG is Postdoc Researcher at Secure-IC S.A.S., and also invited Associate Researcher at Télécom Paris. He obtained his Ph.D. degree in Information and Communications in December, 2021 from Télécom Paris & Institut Polytechnique de Paris, France. Before this, he received the B.S. degree from Wuhan University and the M.E. degree from the Institute of Information Engineering, CAS. His research interests include information theory, side-channel analysis, and related countermeasures (mainly on code-based masking, including inner product masking, direct sum masking, polynomial masking and other variants) of embedded systems and secure implementations. He also works on Machine Learning-based analysis on Physical Unclonable Functions (PUFs). He has received the ICE (Information, Communication and Electronics) Ph D Prize of Institut Polytechnique de Paris, 2022
Sylvain GUILLEY is General Manager and CTO at Secure-IC, a French company with global footprint offering security for embedded systems. Sylvain is also adjunct professor at Télécom-Paris and research associate at Ecole Normale Supérieure (ENS). His research interests are trusted computing, cyber-physical security, secure prototyping in FPGA and ASIC, and formal / mathematical methods. Since 2012, he organizes the PROOFS annual workshop, which brings together researchers whose objective is to increase the trust in the security of embedded systems. Sylvain is also lead editor of international standards, such as ISO/IEC 20897 (Physically Unclonable Functions), ISO/IEC 20085 (Calibration of non-invasive testing tools), and ISO/IEC TR 24485 (White Box Cryptography). He is leading the topic “High Level Principles for Design & Architecture” in the editing team of TR68 (Autonomous Vehicles—Singapore, Standards Development Organisation), and is member of the French BNA (Bureau de Normalisation de l’Automobile). Sylvain is associate editor of the Springer Nature Journal of Cryptography Engineering (JCEN). He has co-authored 350+ research papers and filed 40+ invention patents. He is member of the IACR, senior member of the IEEE and the Crypt Archi club. He is an alumnus from Ecole Polytechnique and Télécom-Paris
Olivier RIOUL is full Professor at the Department of Communication and Electronics at Télécom Paris, Institut Polytechnique de Paris, France. He graduated from École Polytechnique and from École Nationale Supérieure des Télécommunications, Paris, France, where he obtained his Ph D degree. His research interests are in applied mathematics and include various, sometimes unconventional, applications of information theory such as inequalities in statistics, hardware security, and experimental psychology. He has been teaching information theory and statistics at various universities for twenty years and has published a textbook which has become a classical French reference in the field.