Test Vector Leakage Assessment Technique of Side-channel Power Information

ZHENG Zhen; YAN Yingjian; LIU Yanjiang

doi:10.11999/JEIT230295

Volume 45 Issue 9

Sep. 2023

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2023 > 45(9): 3109-3117

ZHENG Zhen, YAN Yingjian, LIU Yanjiang. Test Vector Leakage Assessment Technique of Side-channel Power Information[J]. Journal of Electronics & Information Technology, 2023, 45(9): 3109-3117. doi: 10.11999/JEIT230295

Citation:

ZHENG Zhen, YAN Yingjian, LIU Yanjiang. Test Vector Leakage Assessment Technique of Side-channel Power Information[J]. Journal of Electronics & Information Technology, 2023, 45(9): 3109-3117. doi: 10.11999/JEIT230295

Citation:

PDF( 369 KB)

Test Vector Leakage Assessment Technique of Side-channel Power Information

doi: 10.11999/JEIT230295

Information Engineering University of Strategic Support Force, Zhengzhou 450001, China

Received Date: 2023-04-18
Accepted Date: 2023-07-11
Rev Recd Date: 2023-07-11

Available Online: 2023-07-13

Publish Date: 2023-09-27

Abstract

Abstract

The side-channel power analysis attack technique, with its advantages of low computational complexity and high generality, poses a critical security challenge to all kinds of cryptographic implementations. The assessment of resistance to power analysis attacks has become an essential aspect of cryptographic product security evaluation. Test Vector Leakage Assessment (TVLA) is a power information leakage evaluation method based on hypothesis testing techniques, which is highly efficient and operable, and is now widely used in security evaluation experiments of cryptographic products. In order to have a comprehensive understanding of the mechanism of TVLA technology and the current status of research, this paper begins with an overview of TVLA technology, including an explanation of its implementation principles and a description of its implementation process, followed by a comparison of the advantages and disadvantages of both specific and non-specific TVLA. The limitations of TVLA are then analyzed and summarized in depth with reference to existing studies, based on which existing approaches for improving TVLA are highlighted and analyzed, and finally the possible future directions of TVLA are prospected.
- Security assessment,
- Side-channel,
- Power analysis attack,
- Test Vector Leakage Assessment (TVLA)

FullText(HTML)

References(39)

References

[1]	KOCHER P, JAFFE J, and JUN B. Differential power analysis[C]. Proceedings of the 19th Annual International Cryptology Conference, Santa Barbara, USA, 1999: 388–397.
[2]	RADHAKRISHNAN R A. Side-channel resistant implementation using arbiter PUF[J]. Cryptology ePrint Archive, 2023.
[3]	赵毅强, 王庆雅, 马浩诚, 等. 基于数据预处理的侧信道分析优化方法[J]. 电子与信息学报, 2023, 45(1): 49–58. doi: 10.11999/JEIT211462 ZHAO Yiqiang, WANG Qingya, MA Haocheng, et al. Side channel analysis optimization method based on data preprocessing[J]. Journal of Electronics &Information Technology, 2023, 45(1): 49–58. doi: 10.11999/JEIT211462
[4]	BREUER R, STANDAERT F X, and LEVI I. Fully-digital randomization based side-channel security—toward ultra-low cost-per-security[J]. IEEE Access, 2022, 10: 68440–68449. doi: 10.1109/ACCESS.2022.3185995
[5]	PERIN G, WU Lichao, and PICEK S. Exploring feature selection scenarios for deep learning-based side-channel analysis[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2022, 2022(4): 828–861. doi: 10.46586/tches.v2022.i4.828-861
[6]	Common Criteria v3.1. Release 4[EB/OL]. https://www.commoncriteriaportal.org/cc/index.cfm?, 2013.
[7]	陈华, 习伟, 范丽敏, 等. 密码产品的侧信道分析与评估[J]. 电子与信息学报, 2020, 42(8): 1836–1845. doi: 10.11999/JEIT190853 CHEN Hua, XI Wei, FAN Limin, et al. Side channel analysis and evaluation on cryptographic products[J]. Journal of Electronics &Information Technology, 2020, 42(8): 1836–1845. doi: 10.11999/JEIT190853
[8]	GOODWILL G, JUN B, JAFFE J, et al. A testing methodology for side-channel resistance validation[C]. NIST Non-Invasive Attack Testing Workshop, 2011: 115–136.
[9]	COOPER J, DEMULDER E, GOODWILL G, et al. Test Vector Leakage Assessment (TVLA) methodology in practice[C]. International Cryptographic Module Conference, Shanghai, China, 2013.
[10]	WANG L C, GOLDER A, FANG Yan, et al. Power side-channel leakage assessment of reference implementation of SABER key encapsulation mechanism[C]. 2022 Opportunity Research Scholars Symposium (ORSS), Atlanta, USA, 2022: 8–11.
[11]	SAARINEN M J O. WiP: Applicability of ISO standard side-channel leakage tests to NIST post-quantum cryptography[C]. 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), McLean, USA, 2022: 69–72.
[12]	KRAUSZ M, LAND G, RICHTER-BROCKMANN J, et al. Efficiently masking polynomial inversion at arbitrary order[C/OL]. The 13th International Conference on Post-Quantum Cryptography, 2022: 309–326.
[13]	SADHUKHAN R, CHAKRABORTY A, DATTA N, et al. Light but tight: Lightweight composition of serialized s-boxes with diffusion layers for strong ciphers[C]. The 12th International Conference on Security, Privacy, and Applied Cryptography Engineering, Jaipur, India, 2022: 28–49.
[14]	KHAIRALLAH M and BHASIN S. Hardware implementation of masked SKINNY SBox with application to AEAD[C]. The 12th International Conference on Security, Privacy, and Applied Cryptography Engineering, Jaipur, India, 2022: 50–69.
[15]	DUAN Xiaoyi, HUANG Ye, SU Yonghua, et al. Research on the grouping method of side-channel leakage detection[C/OL]. The 18th International Conference on Security and Privacy in Communication Systems, 2023: 807–818.
[16]	LU Chuanchao, CUI Yijun, KHALID A, et al. A novel combined Correlation Power Analysis (CPA) attack on schoolbook polynomial multiplication in lattice-based cryptosystems[C]. 2022 IEEE 35th International System-on-Chip Conference (SOCC), Belfast, UK, 2022: 1–6.
[17]	WELCH B L. The generalization of ‘STUDENT'S’ problem when several different population varlances are involved[J]. Biometrika, 1947, 34(1/2): 28–35. doi: 10.1093/biomet/34.1-2.28
[18]	STANDAERT F X. How (not) to use welch’s t-test in side-channel security evaluations[C]. The 17th International Conference on Smart Card Research and Advanced Applications, Montpellier, France, 2019: 65–79.
[19]	WHITNALL C and OSWALD E. A cautionary note regarding the usage of leakage detection tests in security evaluation[J]. Cryptology ePrint Archive, 2019.
[20]	ROY D B, BHASIN S, GUILLEY S, et al. CC meets FIPS: A hybrid test methodology for first order side channel analysis[J]. IEEE Transactions on Computers, 2018, 68(3): 347–361. doi: 10.1109/TC.2018.2875746
[21]	DURVAUX F and STANDAERT F X. From improved leakage detection to the detection of points of interests in leakage traces[C]. The 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, 2016: 240–262.
[22]	LEI Wan, WANG Lihui, SHAN Weijun, et al. A frequency-based leakage assessment methodology for side-channel evaluations[C]. The 13th International Conference on Computational Intelligence and Security (CIS), Hong Kong, China, 2017: 590–593.
[23]	ZHANG Liwei. Statistics in side channel analysis-modeling, metric, leakage detection testing[D]. [Ph. D. dissertation], Northeastern University, 2017.
[24]	WHITNALL C and OSWALD E. A critical analysis of ISO 17825 (‘testing methods for the mitigation of non-invasive attack classes against cryptographic modules’)[C]. The 25th International Conference on the Theory and Application of Cryptology and Information Security, Kobe, Japan, 2019: 256–284.
[25]	BRONCHAIN O, SCHNEIDER T, and STANDAERT F X. Multi-tuple leakage detection and the dependent signal issue[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019, 2019(2): 318–345. doi: 10.13154/tches.v2019.i2.318-345
[26]	SCHNEIDER T and MORADI A. Leakage assessment methodology: A clear roadmap for side-channel evaluations[C]. The 17th International Workshop on Cryptographic Hardware and Embedded Systems, Saint-Malo, France, 2015: 495–513.
[27]	王娅茹, 唐明. 基于Bartlett和多分类F检验侧信道泄露评估[J]. 通信学报, 2021, 42(12): 35–43. doi: 10.11959/j.issn.1000−436x.2021235 WANG Yaru and TANG Ming. Side channel leakage assessment with the Bartlett and multi-classes F-test[J]. Journal on Communications, 2021, 42(12): 35–43. doi: 10.11959/j.issn.1000−436x.2021235
[28]	ZHOU Xinping, QIAO Kexin, and OU Changhai. Leakage detection with Kolmogorov-Smirnov test[J]. Cryptology ePrint Archive, 2019.
[29]	REPARAZ O, GIERLICHS B, and VERBAUWHEDE I. Fast leakage assessment[C]. The 19th International Conference on Cryptographic Hardware and Embedded Systems, Taipei, China, 2017: 387–399.
[30]	ROY D B, BHASIN S, GUILLEY S, et al. Leak me if you can: Does TVLA reveal success rate?[J]. Cryptology ePrint Archive, 2016.
[31]	FEI Yunsi, DING A A, LAO Jian, et al. A statistics-based success rate model for DPA and CPA[J]. Journal of Cryptographic Engineering, 2015, 5(4): 227–243. doi: 10.1007/s13389-015-0107-0
[32]	GAO Si and OSWALD E. A novel framework for explainable leakage assessment[J]. Cryptology ePrint Archive, 2022.
[33]	曹雨晨, 周永彬. 多源融合信息泄漏检测方法[J]. 信息安全学报, 2020, 5(6): 40–52. doi: 10.19363/J.cnki.cn10-1380/tn.2020.11.04 CAO Yuchen and ZHOU Yongbin. Multi-channel fusion leakage detection[J]. Journal of Cyber Security, 2020, 5(6): 40–52. doi: 10.19363/J.cnki.cn10-1380/tn.2020.11.04
[34]	DING A A, CHEN Cong, and EISENBARTH T. Simpler, faster, and more robust t-test based leakage detection[C]. The 7th International Workshop on Constructive Side-Channel Analysis and Secure Design, Graz, Austria, 2016: 163–183.
[35]	鹿福祥, 李伟键, 黄娴. 基于配对t检验的侧信道泄露评估优化研究[J]. 小型微型计算机系统, 2019, 40(12): 2585–2590. doi: 10.3969/j.issn.1000-1220.2019.12.021 LU Fuxiang, LI Weijian, and HUANG Xian. Research on optimization of side channel leakage assessment based on paired t test[J]. Journal of Chinese Computer Systems, 2019, 40(12): 2585–2590. doi: 10.3969/j.issn.1000-1220.2019.12.021
[36]	MOOS T, WEGENER F, and MORADI A. DL-LA: Deep learning leakage assessment: A modern roadmap for SCA evaluations[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2021, 2021(3): 552–598. doi: 10.46586/tches.v2021.i3.552-598
[37]	BALASCH J, GIERLICHS B, GROSSO V, et al. On the cost of lazy engineering for masked software implementations[C]. The 13th International Conference on Smart Card Research and Advanced Applications, Paris, France, 2015: 64–81.
[38]	DING A A, ZHANG Liwei, DURVAUX F, et al. Towards sound and optimal leakage detection procedure[C]. The 16th International Conference on Smart Card Research and Advanced Applications, Lugano, Switzerland, 2018: 105–122.
[39]	MORADI A, RICHTER B, SCHNEIDER T, et al. Leakage detection with the x2-test[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018, 2018(1): 209–237. doi: 10.13154/tches.v2018.i1.209-237