Abstract
Side Channel Analysis (SCA) has been known as a serious threat to cryptographic algorithms for twenty years. Recently, the explosion of the Internet of Things (IoT) has increased the number of devices that can be targeted by these attacks, making this threat more relevant than ever. Furthermore, evaluations of cryptographic algorithms with respect to SCA are usually performed at the very end of a product design cycle, which considerably impacts time-to-market when security flaws are found. Hence, early simulations of embedded software and methodologies have been developed to assess vulnerabilities with respect to SCA for specific hardware architectures. Aiming to provide an agnostic evaluation method, we propose in this paper a new methodology of data collection and analysis to reveal leakage of sensitive information from any software implementation. As an illustration, our solution is used to break a White Box Cryptography (WBC) implementation, challenging existing simulation-based attacks.
Acknowledgments
This work was partly supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No. 2016-0-00399, Study on secure key hiding technology for IoT devices [KeyHAS Project]) and other project(s).
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Facon, A., Guilley, S., Lec’hvien, M., Marion, D., Perianin, T. (2019). Binary Data Analysis for Source Code Leakage Assessment. In: Lanet, JL., Toma, C. (eds) Innovative Security Solutions for Information Technology and Communications. SECITC 2018. Lecture Notes in Computer Science, vol 11359. Springer, Cham. https://doi.org/10.1007/978-3-030-12942-2_30
DOI: https://doi.org/10.1007/978-3-030-12942-2_30
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12941-5
Online ISBN: 978-3-030-12942-2
eBook Packages: Computer Science, Computer Science (R0)