Nearly twenty years ago the discovery of side channel attacks has warned the world that security is more than just a mathematical problem. Serious considerations need to be placed on the implementation and its physical media. Nowadays the ever-growing ubiquitous computing calls for in-pace development of security solutions. Although the physical security has attracted increasing public attention, side channel security remains as a problem that is far from being completely solved. An important problem is how much expertise is required by a side channel adversary. The essential interest is to explore whether detailed knowledge about implementation and leakage model are indispensable for a successful side channel attack. If such knowledge is not a prerequisite, attacks can be mounted by even inexperienced adversaries. Hence the threat from physical observables may be underestimated. Another urgent problem is how to secure a cryptographic system in the exposure of unavoidable leakage. Although many countermeasures have been developed, their effectiveness pends empirical verification and the side channel security needs to be evaluated systematically. The research in this dissertation focuses on two topics, leakage-model independent side channel analysis and security evaluation, which are described from three perspectives: leakage detection, exploitation and quantification. To free side channel analysis from the complicated procedure of leakage modeling, an observation to observation comparison approach is proposed. Several attacks presented in this work follow this approach. They exhibit efficient leakage detection and exploitation under various leakage models and implementations. More importantly, this achievement no longer relies on or even requires precise leakage modeling. For the security evaluation, a weak maximum likelihood approach is proposed. It provides a quantification of the loss of full key security due to the presence of side channel leakage. A constructive algorithm is developed following this approach. The algorithm can be used by security lab to measure the leakage resilience. It can also be used by a side channel adversary to determine whether limited side channel information suffices the full key recovery at affordable expense.

Creator

• Ye, Xin

Contributors

• Lai, Lifeng
• Sunar, Berk
• Eisenbarth, Thomas
• Ding, Adam

Degree

• PhD

Unit

• Electrical & Computer Engineering

Publisher

• Worcester Polytechnic Institute

Language

• English

Identifier

• etd-012715-135840

Keyword

• Embedded System Security Evaluation
• Side Channel Analysis
• Applied Cryptography
• Leakage Analysis

Advisor

• Eisenbarth, Thomas

Committee

• Ding, Adam
• Sunar, Berk
• Lai, Lifeng

Defense date

• 2014-11-21

Year

• 2015

Date created

• 2015-01-27

Resource type

• Dissertation

Rights statement

• In Copyright