Welcome to the resource topic for 2004/369

Title:
SCA1 Model: Towards a concrete security approach to the design of cryptosystems secure against side-channel attacks

Authors: Filipe Rosado da-Fonseca

When implementing cryptosystems in general purpose cryptographic hardware, one takes profit of the Application Programming Interfaces (APIs) displaced by the hardware to code the required cryptosystems. The functions made available by these APIs are divided into two groups, the group of the non-cryptographic functions and the group of the cryptographic primitives. When using these functions, one assumes that the functions of the first group are protected against simple side-channel attacks and the functions of the second group are protected against both simple and differential side-channel attacks. Nonetheless, the cryptosystems that make use of these functions may leak information through side-channels. To close this gap of security, a new model is introduced here. It deeply explains how the functions made available by the hardware’s APIs must be protected against side-channel attacks and how this hardware must manage memory. In addition, it introduces an adversary that can undertake side-channel attacks against the cryptosystems to test, and teaches how to represent these attacks in pseudo-code. This paper terminates with both the introduction of some security notions and the presentation of the results of testing some well known cryptosystems in accordance with the latter security notions.

ePrint: https://eprint.iacr.org/2004/369

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .