Towards Sound and Optimal Leakage Detection Procedure

Evaluation of side-channel leakage for cryptographic systems requires sound leakage detection procedures. The commonly used standard approach is the test vector leakage assessment (TVLA) procedure. We first relate TVLA to the statistical minimum p-value (mini-p) procedure, and propose a sound method of deciding leakage existence in the statistical hypothesis setting. An advanced statistical procedure, Higher Criticism (HC), is adopted to improve leakage detection when there are multiple leakage points. The HC-based procedure is optimal in side-channel leakage detection, because for a given number of traces with a given length, it detects the existence of leakage at the signal level as low as possibly detectable by any statistical procedure. Numerical studies show that our HC-based procedure perform as well as the mini-p based procedure when leakage signals are very sparse, and can improve the leakage detection significantly when there are multiple leakages.

[1]  Christophe Giraud,et al.  An Implementation of DES and AES, Secure against Some Attacks , 2001, CHES.

[2]  D. Donoho,et al.  Higher criticism for detecting sparse heterogeneous mixtures , 2004, math/0410072.

[3]  Vincent Rijmen,et al.  Higher-Order Threshold Implementations , 2014, ASIACRYPT.

[4]  Olivier Meynard,et al.  Combined Side-Channel Attacks , 2010, WISA.

[5]  P. Rohatgi,et al.  A testing methodology for side channel resistance , 2011 .

[6]  Hermann Drexler,et al.  Improved Template Attacks , 2010 .

[7]  Eric Peeters,et al.  Template Attacks in Principal Subspaces , 2006, CHES.

[8]  François-Xavier Standaert,et al.  Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages , 2008, CHES.

[9]  Markus G. Kuhn,et al.  Ecient Template Attacks , 2014 .

[10]  Thomas Eisenbarth,et al.  Simpler, Faster, and More Robust T-Test Based Leakage Detection , 2016, COSADE.

[11]  Jian Li,et al.  Higher criticism: $p$-values and criticism , 2014, 1411.1437.

[12]  Marcin Wójcik,et al.  Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests , 2013, ASIACRYPT.

[13]  François Durvaux,et al.  From Improved Leakage Detection to the Detection of Points of Interests in Leakage Traces , 2016, EUROCRYPT.

[14]  Josep Balasch,et al.  On the Cost of Lazy Engineering for Masked Software Implementations , 2014, CARDIS.

[15]  Liwei Zhang,et al.  A Statistical Model for Higher Order DPA on Masked Devices , 2014, IACR Cryptol. ePrint Arch..

[16]  Begül Bilgin,et al.  Higher-Order Glitch Resistant Implementation of the PRESENT S-Box , 2014, BalkanCryptSec.

[17]  Christof Paar,et al.  Higher Order Masking of the AES , 2006, CT-RSA.

[18]  Yang Feng,et al.  Nonparametric Independence Screening in Sparse Ultra-High-Dimensional Additive Models , 2009, Journal of the American Statistical Association.

[19]  D. Donoho,et al.  Higher criticism thresholding: Optimal feature selection when useful features are rare and weak , 2008, Proceedings of the National Academy of Sciences.

[20]  Simon Regard,et al.  ["Less is more"]. , 2013, Revue medicale suisse.

[21]  P. Rohatgi,et al.  Test Vector Leakage Assessment ( TVLA ) methodology in practice , 2013 .

[22]  Markus G. Kuhn,et al.  Efficient Template Attacks , 2013, CARDIS.

[23]  Jianqing Fan,et al.  Sure independence screening for ultrahigh dimensional feature space , 2006, math/0612857.

[24]  Stefan Mangard,et al.  One for all - all for one: unifying standard differential power analysis attacks , 2011, IET Inf. Secur..

[25]  Ricardo Dahab,et al.  Efficient and Secure Elliptic Curve Cryptography for 8-bit AVR Microcontrollers , 2015, SPACE.

[26]  Christian P. Robert,et al.  Report of the Editors-2007 , 2008 .

[27]  Amir Moradi,et al.  Leakage assessment methodology , 2016, Journal of Cryptographic Engineering.

[28]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[29]  Emmanuel Prouff,et al.  Statistical Analysis of Second Order Differential Power Analysis , 2009, IEEE Transactions on Computers.

[30]  Jiashun Jin,et al.  Detection boundary and Higher Criticism approach for rare and weak genetic effects , 2014, 1407.8382.

[31]  Xihong Lin,et al.  The Generalized Higher Criticism for Testing SNP-Set Effects in Genetic Association Studies , 2017, Journal of the American Statistical Association.

[32]  Jiashun Jin,et al.  Higher Criticism for Large-Scale Inference: especially for Rare and Weak effects , 2014, 1410.4743.

[33]  P. Hall,et al.  PROPERTIES OF HIGHER CRITICISM UNDER STRONG DEPENDENCE , 2008, 0803.2095.

[34]  Stephen E. Fienberg,et al.  Testing Statistical Hypotheses , 2005 .