A Systematic Appraisal of Side Channel Evaluation Strategies

Melissa Azouaoui; Davide Bellizia; Ileana Buhan; Nicolas Debande; Sèbastien Duval; Christophe Giraud; Èliane Jaulmes; François Koeune; Elisabeth Oswald; François Xavier Standaert; Carolyn Whitnall

doi:10.1007/978-3-030-64357-7_3

A Systematic Appraisal of Side Channel Evaluation Strategies

Melissa Azouaoui, Davide Bellizia, Ileana Buhan, Nicolas Debande, Sèbastien Duval, Christophe Giraud, Èliane Jaulmes, François Koeune, Elisabeth Oswald^*, François Xavier Standaert, Carolyn Whitnall

^*Corresponding author for this work

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper we examine the central question that is how well do side channel evaluation regimes capture the true security level of a product. Concretely, answering this question requires considering the optimality of the attack/evaluation strategy selected by the evaluator, and the various steps to instantiate it. We draw on a number of published works and discuss whether state-of-the-art solutions for the different steps of a side-channel security evaluation offer bounds or guarantees of optimality, or if they are inherently heuristic. We use this discussion to provide an informal rating of the steps’ optimality and to put forward where risks of overstated security levels remain.

Original language	English
Title of host publication	Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings
Editors	Thyla van der Merwe, Chris Mitchell, Maryam Mehrnezhad
Publisher	Springer
Pages	46-66
Number of pages	21
ISBN (Print)	9783030643560
DOIs	https://doi.org/10.1007/978-3-030-64357-7_3
Publication status	Published - 2020
Event	6th International Conference on Security Standardisation Research, SSR 2020 - London, United Kingdom Duration: 30 Nov 2020 → 1 Dec 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12529 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	6th International Conference on Security Standardisation Research, SSR 2020
Country/Territory	United Kingdom
City	London
Period	30/11/20 → 1/12/20

Bibliographical note

Funding Information:
This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). François-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research.

Funding Information:
This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). Fran¸cois-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research.

Publisher Copyright:
© 2020, Springer Nature Switzerland AG.

Keywords

Certification
Evaluation
Side channels

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-64357-7_3

Cite this

Azouaoui, M., Bellizia, D., Buhan, I., Debande, N., Duval, S., Giraud, C., Jaulmes, È., Koeune, F., Oswald, E., Standaert, F. X., & Whitnall, C. (2020). A Systematic Appraisal of Side Channel Evaluation Strategies. In T. van der Merwe, C. Mitchell, & M. Mehrnezhad (Eds.), Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings (pp. 46-66). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12529 LNCS). Springer. https://doi.org/10.1007/978-3-030-64357-7_3

Azouaoui, Melissa ; Bellizia, Davide ; Buhan, Ileana et al. / A Systematic Appraisal of Side Channel Evaluation Strategies. Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings. editor / Thyla van der Merwe ; Chris Mitchell ; Maryam Mehrnezhad. Springer, 2020. pp. 46-66 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{e30f1f47e9f04482a38937ba387e777c,

title = "A Systematic Appraisal of Side Channel Evaluation Strategies",

abstract = "In this paper we examine the central question that is how well do side channel evaluation regimes capture the true security level of a product. Concretely, answering this question requires considering the optimality of the attack/evaluation strategy selected by the evaluator, and the various steps to instantiate it. We draw on a number of published works and discuss whether state-of-the-art solutions for the different steps of a side-channel security evaluation offer bounds or guarantees of optimality, or if they are inherently heuristic. We use this discussion to provide an informal rating of the steps{\textquoteright} optimality and to put forward where risks of overstated security levels remain.",

keywords = "Certification, Evaluation, Side channels",

author = "Melissa Azouaoui and Davide Bellizia and Ileana Buhan and Nicolas Debande and S{\`e}bastien Duval and Christophe Giraud and {\`E}liane Jaulmes and Fran{\c c}ois Koeune and Elisabeth Oswald and Standaert, {Fran{\c c}ois Xavier} and Carolyn Whitnall",

note = "Funding Information: This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). Fran{\c c}ois-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research. Funding Information: This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). Fran¸cois-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research. Publisher Copyright: {\textcopyright} 2020, Springer Nature Switzerland AG.; 6th International Conference on Security Standardisation Research, SSR 2020 ; Conference date: 30-11-2020 Through 01-12-2020",

year = "2020",

doi = "10.1007/978-3-030-64357-7_3",

language = "English",

isbn = "9783030643560",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "46--66",

editor = "{van der Merwe}, Thyla and Chris Mitchell and Maryam Mehrnezhad",

booktitle = "Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings",

}

Azouaoui, M, Bellizia, D, Buhan, I, Debande, N, Duval, S, Giraud, C, Jaulmes, È, Koeune, F, Oswald, E, Standaert, FX & Whitnall, C 2020, A Systematic Appraisal of Side Channel Evaluation Strategies. in T van der Merwe, C Mitchell & M Mehrnezhad (eds), Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12529 LNCS, Springer, pp. 46-66, 6th International Conference on Security Standardisation Research, SSR 2020, London, United Kingdom, 30/11/20. https://doi.org/10.1007/978-3-030-64357-7_3

A Systematic Appraisal of Side Channel Evaluation Strategies. / Azouaoui, Melissa; Bellizia, Davide; Buhan, Ileana et al.
Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings. ed. / Thyla van der Merwe; Chris Mitchell; Maryam Mehrnezhad. Springer, 2020. p. 46-66 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12529 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A Systematic Appraisal of Side Channel Evaluation Strategies

AU - Azouaoui, Melissa

AU - Bellizia, Davide

AU - Buhan, Ileana

AU - Debande, Nicolas

AU - Duval, Sèbastien

AU - Giraud, Christophe

AU - Jaulmes, Èliane

AU - Koeune, François

AU - Oswald, Elisabeth

AU - Standaert, François Xavier

AU - Whitnall, Carolyn

N1 - Funding Information: This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). François-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research. Funding Information: This work has been funded in parts by the European Union (EU) via the H2020 project 731591 (acronym REASSURE), the ERC project 724725 (acronym SWORD) and the ERC project 725042 (acronym SEAL). Fran¸cois-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). Ileana Buhan was with Riscure at the time of conducting this research. Publisher Copyright: © 2020, Springer Nature Switzerland AG.

PY - 2020

Y1 - 2020

N2 - In this paper we examine the central question that is how well do side channel evaluation regimes capture the true security level of a product. Concretely, answering this question requires considering the optimality of the attack/evaluation strategy selected by the evaluator, and the various steps to instantiate it. We draw on a number of published works and discuss whether state-of-the-art solutions for the different steps of a side-channel security evaluation offer bounds or guarantees of optimality, or if they are inherently heuristic. We use this discussion to provide an informal rating of the steps’ optimality and to put forward where risks of overstated security levels remain.

AB - In this paper we examine the central question that is how well do side channel evaluation regimes capture the true security level of a product. Concretely, answering this question requires considering the optimality of the attack/evaluation strategy selected by the evaluator, and the various steps to instantiate it. We draw on a number of published works and discuss whether state-of-the-art solutions for the different steps of a side-channel security evaluation offer bounds or guarantees of optimality, or if they are inherently heuristic. We use this discussion to provide an informal rating of the steps’ optimality and to put forward where risks of overstated security levels remain.

KW - Certification

KW - Evaluation

KW - Side channels

UR - http://www.scopus.com/inward/record.url?scp=85097652266&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-64357-7_3

DO - 10.1007/978-3-030-64357-7_3

M3 - Conference contribution

AN - SCOPUS:85097652266

SN - 9783030643560

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 46

EP - 66

BT - Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings

A2 - van der Merwe, Thyla

A2 - Mitchell, Chris

A2 - Mehrnezhad, Maryam

PB - Springer

T2 - 6th International Conference on Security Standardisation Research, SSR 2020

Y2 - 30 November 2020 through 1 December 2020

ER -

Azouaoui M, Bellizia D, Buhan I, Debande N, Duval S, Giraud C et al. A Systematic Appraisal of Side Channel Evaluation Strategies. In van der Merwe T, Mitchell C, Mehrnezhad M, editors, Security Standardisation Research - 6th International Conference, SSR 2020, Proceedings. Springer. 2020. p. 46-66. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-64357-7_3

A Systematic Appraisal of Side Channel Evaluation Strategies

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this