Statistics and secret leakage

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback
Take a look at the new version of this page: [ beta version ]. Tell us what you think.

Statistics and secret leakage

Full text

Pdf (219 KB)

Source

ACM Transactions on Embedded Computing Systems (TECS) archive
Volume 3 , Issue 3 (August 2004) table of contents

Pages: 492 - 508

Year of Publication: 2004

ISSN:1539-9087

Authors

Jean-Sebastien Coron	Gemplus, Issy-les-Moulineaux, France
David Naccache	Gemplus, Issy-les-Moulineaux, France
Paul Kocher	Cryptography Research, Inc., San Francisco, CA

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 10, Downloads (12 Months): 72, Citation Count: 6

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1015047.1015050 What is a DOI?

ABSTRACT

In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As one can easily imagine, real-life devices are not ideal and information may leak through different physical channels.This paper gives a rigorous definition of leakage immunity and presents several leakage detection tests. In these tests, failure confirms the probable existence of secret-correlated emanations and indicates how likely the leakage is. Success does not refute the existence of emanations but indicates that significant emanations were not detected on the strength of the evidence presented, which of course, leaves the door open to reconsider the situation if further evidence comes to hand at a later date.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Anderson, R. and Kuhn, M. 1996. Tamper resistance---a cautionary note. In The Second usenix Workshop on Electronic Commerce. 1--11.
	2	Bennett, C. 1973. Logical reversibility of computation. IBM J. R&D 17, 525--532.
	3	Eli Biham , Adi Shamir, Differential Fault Analysis of Secret Key Cryptosystems, Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.513-525, August 17-21, 1997
	4	Boneh, D., DeMillo, R., and Lipton, R. 1997. On the importance of checking cryptographic protocols for faults. In Proceedings of Eurocrypt' 97. 37--51.
	5	Suresh Chari , Charanjit S. Jutla , Josyula R. Rao , Pankaj Rohatgi, Towards Sound Approaches to Counteract Power-Analysis Attacks, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.398-412, August 15-19, 1999
	6	Jean-Sébastien Coron, On the Security of Random Sources, Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography, p.29-42, March 01-03, 1999
	7	Edgeworth, F. 1885. Observations and statistics: an essay on the theory of errors of observation and the first principles of statistics. Trans. Cambridge Philos. Soc. 138--169.
	8	ISO/IEC 15408-1:1999(E). 1999. Information technology--security techniques--evaluation criteria for it security. International Organization for Standardization and International Electrotechnical Commission.
	9	Jun, B. and Kocher, P. 1999. The intel random number generator. Cryptography Research white paper. Available at http://www.cryptography.com/intelRNG.pdf.
	10	Keyes, R. 1975. Physical limits in digital electronics. Proc. IEEE 63.
	11	Donald E. Knuth, The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1997
	12	Paul C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.104-113, August 18-22, 1996
	13	Paul C. Kocher , Joshua Jaffe , Benjamin Jun, Differential Power Analysis, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.388-397, August 15-19, 1999
	14	Kommerling, O. and Kuhn, M. 1999. Design principles for tamper-resistant smart-card processors. Proceedings of the USENIX Workshop on Smartcard Technology.
	15	Langley, R. 1968. Practical Statistics. Dover, New York.
	16	Michael George Luby , Luby Michael, Pseudorandomness and Cryptographic Applications, Princeton University Press, Princeton, NJ, 1994
	17	Ueli M. Maurer, A universal statistical test for random bit generators, Journal of Cryptology, v.5 n.2, p.89-105, 1992
	18	Carver Mead , Lynn Conway, Introduction to VLSI Systems, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1979
	19	Miller, I., Freund, J., and Johnson, R. 1990. Probability and statistics for enginners. Prentice Hall, Englewood Cliffs, NJ.
	20	NIST. 1994. Security requirements for cryptographic modules. National Institute of Standards and Technology, Federal Information Processing Standards Publication 140--1.
	21	SEPI'91. 1991. Symposium on Electromagnetic Security for Information Protection, Rome, Italy.
	22	SPI'88. 1988. Primo simposio nazionale su sicurezza elettromagnetica nella protezione dell'informazione, Rome, Italy.
	23	Neil H. E. Weste , Kamran Eshraghian, Principles of CMOS VLSI design: a systems perspective, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1985
	24	Haim J. Wolfson , Isidore Rigoutsos, Geometric Hashing: An Overview, IEEE Computational Science & Engineering, v.4 n.4, p.10-21, October 1997 [doi>10.1109/99.641604]

CITED BY 7

	Jean-Pierre Seifert, On authenticated computing and RSA-based authentication, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
	R. Muresan , H. Vahedi , Y. Zhanrong , S. Gregori, Power-smart system-on-chip architecture for embedded cryptosystems, Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis, September 19-21, 2005, Jersey City, NJ, USA
	Nachiketh R. Potlapally , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha , Ruby B. Lee, Satisfiability-based framework for enabling side-channel attacks on cryptographic software, Proceedings of the conference on Design, automation and test in Europe: Designers' forum, March 06-10, 2006, Munich, Germany
	Onur Aciiçmez , Çetin Kaya Koç , Jean-Pierre Seifert, On the power of simple branch prediction analysis, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
	Nachiketh R. Potlapally , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha , Ruby B. Lee, Aiding side-channel attacks on cryptographic software with satisfiability-based analysis, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.15 n.4, p.465-470, April 2007
	Kazim Yumbul , Erkay Savaş, Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit, Proceedings of the 2nd international conference on Security of information and networks, October 06-10, 2009, Famagusta, North Cyprus
	Huiyun Li , Tingding Chen , Keke Wu , Fengqi Yu, Quantitative evaluation of side-channel security for elliptic curve cryptosystems, Proceedings of the 3rd international conference on Anti-Counterfeiting, security, and identification in communication, p.163-166, August 20-22, 2009, Hong Kong, China