Evaluation of (power) side-channels in cryptographic implementations

Florian Bache, Christina Plump, Jonas Wloka, Tim Güneysu

In: Stefan Conrad, Paul Molitor (eds.). IT - information technology (IT), De Gruyter Oldenbourg, 1/2019.


Cryptographic devices that potentially operate in hostile physical environments need to be secured against side-channel attacks. In order to ensure the effectiveness of the required countermeasures, scientists, developers, and evaluators need efficient methods to test the security level of a device. In this paper, we propose a new framework based on confidence intervals that extends established t-test-based approaches for test-vector leakage assessment (TVLA). In comparison to previous TVLA approaches, the new methodology not only enables the detection of leakage but can also assert its absence. The framework is robust against noise in the evaluation system and thereby avoids false negatives. These improvements can be achieved without overhead in measurement complexity and with a minimum of additional computational costs compared to previous approaches. We evaluate our method under realistic conditions by applying it to a protected implementation of AES.