Security Evaluations beyond Computing Power

How to Analyze Side-Channel Attacks You Cannot Mount?
  • Nicolas Veyrat-Charvillon
  • Benoît Gérard
  • François-Xavier Standaert
Conference paper

DOI: 10.1007/978-3-642-38348-9_8

Part of the Lecture Notes in Computer Science book series (LNCS, volume 7881)
Cite this paper as:
Veyrat-Charvillon N., Gérard B., Standaert FX. (2013) Security Evaluations beyond Computing Power. In: Johansson T., Nguyen P.Q. (eds) Advances in Cryptology – EUROCRYPT 2013. EUROCRYPT 2013. Lecture Notes in Computer Science, vol 7881. Springer, Berlin, Heidelberg

Abstract

Current key sizes for symmetric cryptography are usually required to be at least 80-bit long for short-term protection, and 128-bit long for long-term protection. However, current tools for security evaluations against side-channel attacks do not provide a precise estimation of the remaining key strength after some leakage has been observed, e.g. in terms of number of candidates to test. This leads to an uncomfortable situation, where the security of an implementation can be anywhere between enumerable values (i.e. $2^{10}$ – $2^{50}$ key candidates to test) and the full key size (i.e. $2^{60}$ – $2^{128}$ key candidates to test). In this paper, we propose a solution to this issue, and describe a key rank estimation algorithm that provides tight bounds for the security level of leaking cryptographic devices. As a result and for the first time, we are able to analyze the full complexity of “standard” (i.e. divide-and-conquer) side-channel attacks, in terms of their tradeoff between time, data and memory complexity.


Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Nicolas Veyrat-Charvillon (1)
  • Benoît Gérard (2)
  • François-Xavier Standaert (1)
  1. UCL Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium
  2. Direction Générale de l’Armement–Maîtrise de l’information, France
