Side-channel leakages

from different target devices

Master Thesis (2020)
Author(s)

V. Arora (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Contributor(s)

Stjepan Picek – Mentor (TU Delft - Cyber Security)

Faculty
Electrical Engineering, Mathematics and Computer Science
Copyright
© 2020 Vipul Arora
More Info
expand_more
Publication Year
2020
Language
English
Copyright
© 2020 Vipul Arora
Graduation Date
15-12-2020
Awarding Institution
Delft University of Technology
Programme
Electrical Engineering | Embedded Systems
Faculty
Electrical Engineering, Mathematics and Computer Science
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

The advances in cryptography have enabled the features of confidentiality, security, and integrity in the digital space.
The information about the working of the digital system is used to perform side-channel attacks.
These attacks exploit the physics of the system rather than targeting the mathematical complexity of algorithms.
Side-channel attacks measure the variations in the system's physical characteristics to obtain information about the operations being performed along with the operand data.

In this work, we evaluate how the choice of physical target device impacts the cryptographic implementation's security.
A software implementation is flashed on devices from two different manufactures with the same instruction set, configured for identical execution.
Power traces from different hardware devices are acquired and evaluated using leakage detection methodologies of TVLA, and KL-Divergence.
Trace-sets are compared at the abstraction level of intra-board, inter-board, and inter-class to explore the information leaks.
The performance of leakage detection methodologies in identifying leaks is evaluated using key-rank analysis and verified by profiling templates.

Results show two classes of devices belonging to different manufacturers vary significantly in terms of the power profile yet show similarities in data leakage.
Based on the source of leaks; micro-architecture leaks have minor differences at the inter-board level within boards of the same class, though the results of micro-architecture leaks are not comparable across boards of different classes.
Data-overwrite leaks are specific to the instruction set and pipeline implementation and are observed for both classes of devices.
This work provides a methodology for evaluating software implementations across different hardware.

Files

Thesis_final_2_.pdf
(pdf | 16.4 Mb)
License info not available