Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests

The development of a leakage detection testing methodology for the side-channel resistance of cryptographic devices is an issue that has received recent focus from standardisation bodies such as NIST. Statistical techniques such as hypothesis and significance testing appear to be ideally suited for this purpose. In this work we evaluate the candidacy of three such detection tests: a t-test proposed by Cryptography Research Inc., and two mutual information-based tests, one in which the data are treated as continuous and one in which they are treated as discrete. Our evaluation investigates three particular areas: statistical power, the effectiveness of multiplicity corrections, and computational complexity. To facilitate a fair comparison we conduct a novel a priori statistical power analysis of the three tests in the context of side-channel analysis, finding, surprisingly, that the continuous mutual information test and the t-test exhibit similar levels of power. We also show how the inherently parallel nature of the continuous mutual information test can be leveraged to reduce a large computational cost to insignificant levels. To complement the a priori statistical power analysis we include two real-world case studies of the tests applied to software and hardware implementations of the AES.
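The three ingredients the abstract names for the t-test side of the comparison are the per-sample-point test statistic, the a priori power calculation that fixes how many traces are needed before any are collected, and a multiplicity correction across the many sample points tested at once. The following is an added example written for this page, not code from the paper or its authors. It assumes a fixed-versus-random Welch t-test, a standardised mean difference d as the effect size, the large-sample normal approximation for power and p-values, and the Holm step-down procedure as the multiplicity correction; the traces are constructed Gaussian noise with one leaking sample point and stand in for real measurements.

```python
"""Leakage detection with Welch's t-test, an a priori power calculation and a
Holm multiplicity correction, run on constructed traces (added example)."""
import math
import random
from typing import List, Sequence, Tuple


def norm_cdf(x: float) -> float:
    """Standard normal CDF via the error function (stdlib only)."""
    return 0.5 * (1.0 + math.erf(x / math.sqrt(2.0)))


def norm_ppf(p: float) -> float:
    """Inverse standard normal CDF by bisection, avoiding a SciPy dependency."""
    lo, hi = -10.0, 10.0
    for _ in range(200):
        mid = (lo + hi) / 2.0
        if norm_cdf(mid) < p:
            lo = mid
        else:
            hi = mid
    return (lo + hi) / 2.0


def welch_t(a: Sequence[float], b: Sequence[float]) -> float:
    """Welch's two-sample t statistic (unequal variances and group sizes)."""
    na, nb = len(a), len(b)
    ma, mb = sum(a) / na, sum(b) / nb
    va = sum((x - ma) ** 2 for x in a) / (na - 1)
    vb = sum((x - mb) ** 2 for x in b) / (nb - 1)
    return (ma - mb) / math.sqrt(va / na + vb / nb)


def two_sided_p(t: float) -> float:
    """Two-sided p-value of t under the large-sample normal approximation."""
    return 2.0 * (1.0 - norm_cdf(abs(t)))


def power(d: float, n: int, alpha: float = 0.05) -> float:
    """A priori power of the two-sided test with n traces per group and a
    standardised mean difference d (normal approximation, both tails)."""
    z = norm_ppf(1.0 - alpha / 2.0)
    shift = d * math.sqrt(n / 2.0)
    return norm_cdf(shift - z) + norm_cdf(-shift - z)


def required_n(d: float, target_power: float, alpha: float = 0.05) -> int:
    """Smallest per-group trace count that reaches target_power for effect d."""
    z_a = norm_ppf(1.0 - alpha / 2.0)
    z_b = norm_ppf(target_power)
    return math.ceil(2.0 * ((z_a + z_b) / d) ** 2)


def holm(pvals: Sequence[float], alpha: float = 0.05) -> List[bool]:
    """Holm step-down correction: one reject/keep flag per input p-value."""
    m = len(pvals)
    order = sorted(range(m), key=lambda i: pvals[i])
    reject = [False] * m
    for rank, i in enumerate(order):
        if pvals[i] <= alpha / (m - rank):
            reject[i] = True
        else:
            break  # everything with a larger p-value stays unrejected
    return reject


def make_traces(n_per_group: int, n_points: int, leak_idx: int, d: float,
                seed: int = 1) -> Tuple[List[List[float]], List[List[float]]]:
    """Constructed fixed-vs-random trace sets (assumed, not real measurements):
    unit-variance Gaussian noise at every sample point, plus a mean shift of
    d standard deviations at leak_idx in the fixed-input group only."""
    rng = random.Random(seed)
    fixed = [[rng.gauss(d if j == leak_idx else 0.0, 1.0) for j in range(n_points)]
             for _ in range(n_per_group)]
    rand = [[rng.gauss(0.0, 1.0) for _ in range(n_points)] for _ in range(n_per_group)]
    return fixed, rand


def detect_leakage(fixed: List[List[float]], rand: List[List[float]],
                   alpha: float = 0.05) -> Tuple[List[int], List[float]]:
    """Welch t-test at every sample point, Holm-corrected over all points;
    returns the flagged point indices and the raw t statistics."""
    n_points = len(fixed[0])
    ts = [welch_t([tr[j] for tr in fixed], [tr[j] for tr in rand])
          for j in range(n_points)]
    flags = holm([two_sided_p(t) for t in ts], alpha)
    return [j for j, f in enumerate(flags) if f], ts


if __name__ == "__main__":
    d, n = 0.3, 1000  # assumed effect size and per-group trace budget
    print(f"a priori power with n={n} per group: {power(d, n):.3f}")
    print(f"traces per group needed for 90% power: {required_n(d, 0.9)}")
    fixed, rand = make_traces(n, 10, leak_idx=3, d=d)
    leaks, ts = detect_leakage(fixed, rand)
    print("flagged sample points:", leaks)
```

The power and sample-size functions are the planning step: given the smallest effect one wants to be able to detect and the tolerable false-negative rate, they return the number of traces to acquire before the device is ever measured, which is what makes the comparison between tests fair rather than a matter of who collected more traces. The Holm step keeps the family-wise error rate at alpha across all sample points, so a trace with thousands of points does not produce spurious detections at the per-point alpha.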
