Abstract
Side-channel leakage detection methods based on statistical tests, such as t-test or \(\chi ^2\)-test, provide a high confidence in the presence of leakage with a large number of traces. However, practical limitations on testing time and equipment may set an upper-bound on the number of traces available, turning the number of traces into a limiting factor in side-channel leakage detection. We describe a statistical technique, based on statistical bootstrapping, that significantly improves the effectiveness of leakage detection using a limited set of traces. Bootstrapping generates additional sample sets from an initial set by assuming that it is representative of the entire population. The additional sample sets are then used to conduct additional leakage detection tests, and we show how to combine the results of these tests. The proposed technique, applied to side-channel leakage detection, can significantly reduce the number of traces required to detect leakage by one, or more orders of magnitude. Furthermore, for an existing measured sample set, the method can significantly increase the confidence of existing leakage hypotheses over a traditional (non-bootstrap) leakage detection test. This paper introduces the bootstrapping technique for leakage detection, applies it to three practical cases, and describes techniques for its efficient computation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bache, F., Plump, C., Güneysu, T.: Confident leakage assessment—a side-channel evaluation framework based on confidence intervals. In: DATE 2018, pp. 1117–1122. IEEE (2018)
Balasch, J., Gierlichs, B., Grosso, V., Reparaz, O., Standaert, F.-X.: On the cost of lazy engineering for masked software implementations. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 64–81. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16763-3_5
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2
Bronchain, O., Schneider, T., Standaert, F.X.: Multi-tuple leakage detection and the dependent signal issue. IACR Transactions on Cryptographic Hardware and Embedded Systems 2, 318–345 (2019)
Efron, B.: Bootstrap methods: another look at the jackknife. Annl. Stat. 7(1), 1–26 (1979)
Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation. NIST non-invasive attack testing workshop. 7, 115–136 (2011)
Hung, H.J., O’Neill, R.T., Bauer, P., Kohne, K.: The behavior of the p-value when the alternative hypothesis is true. Biometrics, 11–22 (1997)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Mangard, S., Oswald, E., Standaert, F.X.: One for all-all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100–110 (2011)
Moradi, A., Richter, B., Schneider, T., Standaert, F.X.: Leakage detection with the \(\chi ^2\)-test. IACR Trans. Cryptographic Hardware and Embedded Systems 1, 209–237 (2018)
Pattengale, N.D., Alipour, M., Bininda-Emonds, O.R.P., Moret, B.M.E., Stamatakis, A.: How many bootstrap replicates are necessary? J. Comput. Biol. 17(3), 337–354 (2010)
Pebay, P.P.: Formulas for robust, one-pass parallel computation of covariances and arbitrary-order statistical moments. Tech. rep, Sandia National Laboratories (2008)
Reparaz, O., Gierlichs, B., Verbauwhede, I.: Fast leakage assessment. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 387–399. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_19
Schneider, T., Moradi, A.: Leakage assessment methodology. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 495–513. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_25
Standaert, F.-X.: How (Not) to use welch’s T-test in side-channel security evaluations. In: Bilgin, B., Fischer, J.-B. (eds.) CARDIS 2018. LNCS, vol. 11389, pp. 65–79. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15462-2_5
Tiri, K., Verbauwhede, I.: Securing encryption algorithms against DPA at the logic level: next generation smart card technology. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 125–136. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45238-6_11
Welford, B.: Note on a method for calculating corrected sums of squares and products. Technometrics 4(3), 419–420 (1962)
Zhang, L., Ding, A.A., Durvaux, F., Standaert, F.X., Fei, Y.: Towards sound and optimal leakage detection procedure. IACR Cryptology ePrint Archive 2017, 287 (2017)
Acknowledgement
This research was supported in part by National Science Foundation Award 1617203. The authors would like to thank anonymous reviewers for their valuable feedback.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Yao, Y., Tunstall, M., De Mulder, E., Kochepasov, A., Schaumont, P. (2021). Augmenting Leakage Detection Using Bootstrapping. In: Bertoni, G.M., Regazzoni, F. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2020. Lecture Notes in Computer Science(), vol 12244. Springer, Cham. https://doi.org/10.1007/978-3-030-68773-1_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-68773-1_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68772-4
Online ISBN: 978-3-030-68773-1
eBook Packages: Computer ScienceComputer Science (R0)