Search

Your search keyword '"Standaert, François-Xavier"' showing total 295 results
Start Over Author "Standaert, François-Xavier" Language english
295 results on '"Standaert, François-Xavier"'

4. Mode-Level vs. Implementation-Level Physical Security in Symmetric Cryptography : A Practical Guide Through the Leakage-Resistance Jungle

Author

Bellizia, Davide, Bronchain, Olivier, Cassiers, Gaëtan, Grosso, Vincent, Guo, Chun, Momin, Charles, Pereira, Olivier, Peters, Thomas, Standaert, François-Xavier, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Micciancio, Daniele, editor, and Ristenpart, Thomas, editor

Published
2020
Full Text
View/download PDF

5. Key Enumeration from the Adversarial Viewpoint : When to Stop Measuring and Start Enumerating?

Author

Azouaoui, Melissa, Poussier, Romain, Standaert, François-Xavier, Verneuil, Vincent, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Belaïd, Sonia, editor, and Güneysu, Tim, editor

Published
2020
Full Text
View/download PDF

12. Authenticated Encryption with Nonce Misuse and Physical Leakage: Definitions, Separation Results and First Construction : (Extended Abstract)

Author

Guo, Chun, Pereira, Olivier, Peters, Thomas, Standaert, François-Xavier, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Schwabe, Peter, editor, and Thériault, Nicolas, editor

Published
2019
Full Text
View/download PDF

13. Fast Side-Channel Security Evaluation of ECC Implementations : Shortcut Formulas for Horizontal Side-Channel Attacks Against ECSM with the Montgomery Ladder

Author

Azouaoui, Melissa, Poussier, Romain, Standaert, François-Xavier, Hutchison, David, Editorial Board Member, Kanade, Takeo, Editorial Board Member, Kittler, Josef, Editorial Board Member, Kleinberg, Jon M., Editorial Board Member, Mattern, Friedemann, Editorial Board Member, Mitchell, John C., Editorial Board Member, Naor, Moni, Editorial Board Member, Pandu Rangan, C., Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Terzopoulos, Demetri, Editorial Board Member, Tygar, Doug, Editorial Board Member, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Polian, Ilia, editor, and Stöttinger, Marc, editor

Published
2019
Full Text
View/download PDF

16. Getting the Most Out of Leakage Detection : Statistical Tools and Measurement Setups Hand in Hand

Author

Merino del Pozo, Santos, Standaert, François-Xavier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, and Guilley, Sylvain, editor

Published
2017
Full Text
View/download PDF

17. Towards Fair and Efficient Evaluations of Leaking Cryptographic Devices : Overview of the ERC Project CRASH, Part I (Invited Talk)

Author

Standaert, François-Xavier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Carlet, Claude, editor, Hasan, M. Anwar, editor, and Saraswat, Vishal, editor

Published
2016
Full Text
View/download PDF

19. Optimally Secure Tweakable Block Ciphers with a Large Tweak from n-bit Block Ciphers

Author

Shen, Yaobin and Standaert, François-Xavier

Subjects
Tweakable Block Cipher, Large Tweak, Optimal (n-bit) Security
Abstract

We consider the design of a tweakable block cipher from a block cipher whose inputs and outputs are of size n bits. The main goal is to achieve 2n security with a large tweak (i.e., more than n bits). Previously, Mennink at FSE’15 and Wang et al. at Asiacrypt’16 proposed constructions that can achieve 2n security. Yet, these constructions can have a tweak size up to n-bit only. As evident from recent research, a tweakable block cipher with a large tweak is generally helpful as a building block for modes of operation, typical applications including MACs, authenticated encryption, leakage-resistant cryptography and full-disk encryption.We begin with how to design a tweakable block cipher with 2n-bit tweak and n-bit security from two block cipher calls. For this purpose, we do an exhaustive search for tweakable block ciphers with 2n-bit tweaks from two block cipher calls, and show that all of them suffer from birthday-bound attacks. Next, we investigate the possibility to design a tweakable block cipher with 2n-bit tweak and n-bit security from three block cipher calls. We start with some conditions to build such a tweakable block cipher and propose a natural construction, called G̃1, that likely meets them. After inspection, we find a weakness in G̃1 which leads to a birthday-bound attack. Based on G̃1, we then propose another construction, called G̃2, that can avoid this weakness. We finally prove that G̃2 can achieve n-bit security with 2n-bit tweak.

Published
2023

20. Making Masking Security Proofs Concrete : Or How to Evaluate the Security of Any Leaking Device

Author

Duc, Alexandre, Faust, Sebastian, Standaert, François-Xavier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Oswald, Elisabeth, editor, and Fischlin, Marc, editor

Published
2015
Full Text
View/download PDF

21. Combining Leakage-Resilient PRFs and Shuffling : Towards Bounded Security for Small Embedded Devices

Author

Grosso, Vincent, Poussier, Romain, Standaert, François-Xavier, Gaspar, Lubos, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Joye, Marc, editor, and Moradi, Amir, editor

Published
2015
Full Text
View/download PDF

23. FPGA Implementations of SPRING : And Their Countermeasures against Side-Channel Attacks

Author

Brenner, Hai, Gaspar, Lubos, Leurent, Gaëtan, Rosen, Alon, Standaert, François-Xavier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Batina, Lejla, editor, and Robshaw, Matthew, editor

Published
2014
Full Text
View/download PDF

24. From New Technologies to New Solutions : Exploiting FRAM Memories to Enhance Physical Security

Author

Kerckhof, Stéphanie, Standaert, François-Xavier, Peeters, Eric, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Francillon, Aurélien, editor, and Rohatgi, Pankaj, editor

Published
2014
Full Text
View/download PDF

25. Security Evaluations beyond Computing Power : How to Analyze Side-Channel Attacks You Cannot Mount?

Author

Veyrat-Charvillon, Nicolas, Gérard, Benoît, Standaert, François-Xavier, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Johansson, Thomas, editor, and Nguyen, Phong Q., editor

Published
2013
Full Text
View/download PDF

26. Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations : (Extended Abstract)

Author

Bogdanov, Andrey, Knudsen, Lars R., Leander, Gregor, Standaert, Francois-Xavier, Steinberger, John, Tischhauser, Elmar, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Pointcheval, David, editor, and Johansson, Thomas, editor

Published
2012
Full Text
View/download PDF

27. Masking with Randomized Look Up Tables : Towards Preventing Side-Channel Attacks of All Orders

Author

Standaert, François-Xavier, Petit, Christophe, Veyrat-Charvillon, Nicolas, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Naccache, David, editor

Published
2012
Full Text
View/download PDF

28. TIPECS : A corpus cleaning method using machine learning and qualitative analysis

Author

Bogaert, Jérémie, Escouflaire, Louis, de Marneffe, Marie-Catherine, Descampe, Antonin, Standaert, François-Xavier, Fairon, Cédrick, and UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique

Subjects
machine learning, corpus linguistics, corpus cleaning, transformers
Abstract

We present TIPECS ("Train, Infer Predictions, Explain, Clean, Start again"), a corpus cleaning method relying on a mixed approach between machine learning and manual analysis. The aim of our dataset cleaning approach is to remove tokens or segments that are considered as discriminant features by a classification model trained on a given dataset for a given task, but that cannot be generalized to other similar tasks or datasets.

Published
2023

29. Secure Message Authentication in the Presence of Leakage and Faults

Author

Berti, Francesco, Guo, Chun, Peters, Thomas, Shen, Yaobin, Standaert, François-Xavier, and UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique

Subjects
Computational Mathematics, Faults, Mode-Level Protections, Applied Mathematics, Combine Attacks, Leakage, Software, Computer Science Applications
Abstract

Security against side-channels and faults is a must for the deployment of embedded cryptography. A wide body of research has investigated solutions to secure implementations against these attacks at different abstraction levels. Yet, to a large extent, current solutions focus on one or the other threat. In this paper, we initiate a mode-level study of cryptographic primitives that can ensure security in a (new and practically-motivated) adversarial model combining leakage and faults. Our goal is to identify constructions that do not require a uniform protection of all their operations against both attack vectors. For this purpose, we first introduce a versatile and intuitive model to capture leakage and faults. We then show that a MAC from Asiacrypt 2021 natively enables a leveled implementation for fault resilience where only its underlying tweakable block cipher must be protected, if only the tag verification can be faulted. We finally describe two approaches to amplify security for fault resilience when also the tag generation can be faulted. One is based on iteration and requires the adversary to inject increasingly large faults to succeed. The other is based on randomness and allows provable security against differential faults.

Published
2023

31. Optimally Secure Tweakable Block Ciphers with a Large Tweak

Author

Shen, Yaobin, Standaert, François-Xavier, and UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique

Subjects
Tweakable block cipher, large tweak, optimal security
Abstract

We consider the design of a tweakable block cipher from a block cipher whose inputs and outputs are of size n bits. The main goal is to achieve 2n security with a large tweak (more than n bits). Previously, Mennink at FSE’15 and Wang et al. at Asiacrypt’16 proposed constructions that can achieve 2n security. Yet, these constructions can have a tweak size up to n-bit. As evident from recent research, a tweakable block cipher with a large tweak is generally helpful as a building block for modes of operation, typical applications including MACs, authenticated encryption and full-disk encryption when sector ID is more than n bits. We begin with how to design a tweakable block cipher with 2n-bit tweak and n-bit security from two block cipher calls. For this purpose, we do an exhaustive search for tweakable block ciphers with 2n-bit tweaks from two block cipher calls, and show that all of them suffer from birthday-bound attacks. Next, we investigate the possibility to design a tweakable block cipher with 2n-bit tweak and n-bit security from three block cipher calls. We start with some conditions to build a such tweakable block cipher and propose a natural construction, called eG1, that likely meets them. After inspection, we find a weakness on eG1 which leads to a birthday-bound attack. Based on eG1, we then propose another construction, called eG2, that can avoid this weakness. We finally prove that eG2 can achieve n-bit security with 2n-bit tweak.

Published
2023

32. Multiplex: TBC-based Authenticated Encryption with Sponge-Like Rate

Author

Peters, Thomas, Shen, Yaobin, Standaert, François-Xavier, and UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique

Abstract

Authenticated Encryption (AE) modes of operation based on Tweakable Block Ciphers (TBC) usually measure efficiency in the number of calls to the underlying primitive per message block. On the one hand, many existing solutions reach a primitive-rate of 1, meaning that each n-bit block of message asymptotically needs a single call to the TBC with output length n. On the other hand, while these modes look optimal in a blackbox setting, they become less attractive when leakage comes into play, since all these calls must then be equally well protected to maintain security. Leakage-resistant modes improve this situation, by generating ephemeral keys every constant number of calls. However, rekeying is inherently suboptimal in primitive-rate, since a TBC call can only be used either to refresh a key or to encrypt a block. Even worse, existing solutions achieving almost n bits of security for n-bit secret keys have at most a primitive-rate 2/3. Hence the question: Can we design a highly-secure TBC-based rekeying mode with “nearly optimal” primitive-rate? We answer this question positively with Multiplex, a new mode that has primitive-rate d/(d+1) given a TBC with a dn-bit tweak. Multiplex achieves n−log(n) bits of security for both (i) misuse-resilience CCA security in the blackbox setting and (ii) Ciphertext Integrity with Misuse-resistant and unbounded Leakage in encryption and decryption (CIML2). It also provides (iii) confidentiality with leakage up to the birthday bound. Furthermore, Multiplex can run d + 1 calls in parallel in each iteration. The combination of these features gives a mode of operation that inherits most of the good implementation features and flexibility of a Duplex sponge – therefore paving the way towards sound comparisons between TBC-based and permutation-based AE.

Published
2023

34. MCRank: Monte Carlo Key Rank Estimation for Side-Channel Security Evaluations

Author

Camurati, Giovanni, Dell’Amico, Matteo, and Standaert, François-Xavier

Subjects
Key rank estimation, Side channel attacks, Monte Carol methods, Artificial Intelligence, Computer Networks and Communications, Hardware and Architecture, Key rank estimation, Side channel attacks, Monte Carlo methods, Signal Processing, Monte Carlo methods, Computer Graphics and Computer-Aided Design, Software
Abstract

Key rank estimation provides a measure of the effort that the attacker has to spend bruteforcing the key of a cryptographic algorithm, after having gained some information from a side channel attack. We present MCRank, a novel method for key rank estimation based on Monte Carlo sampling. MCRank provides an unbiased estimate of the rank and a confidence interval. Its bounds rapidly become tight for increasing sample size, with a corresponding linear increase of the execution time. When applied to evaluate an AES-128 implementation, MCRank can be orders of magnitude faster than the state-of-the-art histogram-based enumeration method for comparable bound tightness. It also scales better than previous work for large keys, up to 2048 bytes. Besides its conceptual simplicity and efficiency, MCRank can assess for the first time the security of large keys even if the probability distributions given the side channel leakage are not independent between subkeys, which occurs, for example, when evaluating the leakage security of an AES-256 implementation., IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023 (1), ISSN:2569-2925

Published
2022

37. Power Analysis of an FPGA : Implementation of Rijndael: Is Pipelining a DPA Countermeasure?

Author

Standaert, François-Xavier, Örs, Sıddıka Berna, Preneel, Bart, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Joye, Marc, editor, and Quisquater, Jean-Jacques, editor

Published
2004
Full Text
View/download PDF

39. Towards Globally Optimized Hybrid Homomorphic Encryption - Featuring the Elisabeth Stream Cipher

Author

Cosseron, Orel, Hoffmann, Clément, Méaux, Pierrick, Standaert, François-Xavier, Arithmétiques des ordinateurs, méthodes formelles, génération de code (ARIC), Laboratoire de l'Informatique du Parallélisme (LIP), École normale supérieure de Lyon (ENS de Lyon)-Université Claude Bernard Lyon 1 (UCBL), Université de Lyon-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure de Lyon (ENS de Lyon)-Université Claude Bernard Lyon 1 (UCBL), Université de Lyon-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Lyon, Institut National de Recherche en Informatique et en Automatique (Inria), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Université Catholique de Louvain = Catholic University of Louvain (UCL), University of Luxembourg [Luxembourg], and Stehle, Damien

Subjects
[INFO]Computer Science [cs], [INFO] Computer Science [cs]
Abstract

International audience

Published
2022

41. Analyzing the Leakage Resistance of the NIST’s Lightweight Crypto Competition’s Finalists

Author

Verhamme, Corentin, Cassiers, Gaëtan, Standaert, François-Xavier, and UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique

Abstract

We investigate the security of the NIST Lightweight Crypto Competition’s Finalists against side-channel attacks. We start with a mode-level analysis that allows us to put forward three candidates (As- con, ISAP and Romulus-T) that stand out for their leakage properties and do not require a uniform protection of all their computations thanks to (expensive) implementation-level countermeasures. We then imple- ment these finalists and evaluate their respective performances. Our re- sults confirm the interest of so-called leveled implementations (where only the key derivation and tag generation require security against dif- ferential power analysis). They also suggest that these algorithms differ more by their qualitative features (e.g., two-pass designs to improve confi- dentiality with decryption leakage vs. one-pass designs, flexible overheads thanks to masking vs. fully mode-level, easier to implement, schemes) than by their quantitative features, which all improve over the AES and are quite sensitive to security margins against cryptanalysis.

Published
2022

42. Bitslice Masking and Improved Shuffling: How and When to Mix Them in Software?

Author

Azouaoui, Melissa, Bronchain, Olivier, Grosso, Vincent, Papagiannopoulos, Kostas, Standaert, François-Xavier, NXP Semiconductors, Université Catholique de Louvain = Catholic University of Louvain (UCL), Centre National de la Recherche Scientifique (CNRS), Laboratoire Hubert Curien [Saint Etienne] (LHC), Université Jean Monnet [Saint-Étienne] (UJM)-Centre National de la Recherche Scientifique (CNRS)-Institut d'Optique Graduate School (IOGS), and University of Amsterdam [Amsterdam] (UvA)

Subjects
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Abstract

Pre-prints; We revisit the popular adage that side-channel countermeasures must be combined to be efficient, and study its application to bitslice masking and shuffling. Our contributions are threefold. First, we improve this combination: by shuffling the shares of a masked implementation rather than its tuples, we can amplify the impact of the shuffling exponentially in the number of shares, while this impact was independent of the masking security order in previous works. Second, we evaluate the masking and shuffling combination's performance vs. security tradeoff under sufficient noise conditions: we show that the best approach is to mask first (i.e., fill the registers with as many shares as possible) and shuffle the independent operations that remain. Third, we discuss the challenges for implementing masking and shuffling under low noise conditions: we recall that such algorithmic countermeasures cannot be implemented securely without a minimum level of physical noise. We conclude that with moderate but sufficient noise, the bitslice masking + shuffling combination is relevant, and its interest increases when randomness is expensive and many independent operations are available for shuffling. When these conditions are not met, masking only is the best option. As a side result, we improve the best known attack against shuffling from Asiacrypt 2012, which we use in our concrete evaluations.

Published
2021

47. Breaking Masked Implementations with Many Shares on 32-bit Software Platforms

Author

Bronchain, Olivier and Standaert, François-Xavier

Subjects
TK7885-7895, Computer engineering. Computer hardware, SASCA, Higher-Order Masking, Information technology, T58.5-58.64, Profiled Side-Channel Analysis, Dimensionality Reduction, Bitslice Software, Physical Security Evaluations
Abstract

We explore the concrete side-channel security provided by state-of-theart higher-order masked software implementations of the AES and the (candidate to the NIST Lightweight Cryptography competition) Clyde, in ARM Cortex-M0 and M3 devices. Rather than looking for possibly reduced security orders (as frequently considered in the literature), we directly target these implementations by assuming their maximum security order and aim at reducing their noise level thanks to multivariate, horizontal and analytical attacks. Our investigations point out that the Cortex-M0 device has so limited physical noise that masking is close to ineffective. The Cortex-M3 shows a better trend but still requires a large number of shares to provide strong security guarantees. Practically, we first exhibit a full 128-bit key recovery in less than 10 traces for a 6-share masked AES implementation running on the Cortex-M0 requiring 232 enumeration power. A similar attack performed against the Cortex-M3 with 5 shares require 1,000 measurements with 244 enumeration power. We then show the positive impact of lightweight block ciphers with limited number of AND gates for side-channel security, and compare our attacks against a masked Clyde with the best reported attacks of the CHES 2020 CTF. We complement these experiments with a careful information theoretic analysis, which allows interpreting our results. We also discuss our conclusions under the umbrella of “backwards security evaluations” recently put forwards by Azouaoui et al. We finally extrapolate the evolution of the proposed attack complexities in the presence of additional countermeasures using the local random probing model proposed at CHES 2020.

Published
2021

Catalog

Books, media, physical & digital resources
See catalog results