Skip to Main content Skip to Navigation

What can information guess ? : Towards information leakage quantification in side-channel analysis

Abstract : Cryptographic algorithms are nowadays prevalent in establishing secure connectivity in our digital society. Such computations handle sensitive information like encryption keys, which are usually very exposed during manipulation, resulting in a huge threat to the security of the sensitive information concealed in cryptographic components. In the field of embedded systems security, side-channel analysis is one of the most powerful techniques against cryptographic implementations. The main subject of this thesis is the measurable side-channel security of cryptographic implementations, particularly in the presence of random masking. Overall, this thesis consists of two topics. One is the leakage quantification of the most general form of masking equipped with the linear codes, so-called code-based masking; the other one is exploration of applying more generic information measures in a context of side-channel analysis. Two topics are inherently connected to each other in assessing and enhancing the practical security of cryptographic implementations .Regarding the former, we propose a unified coding-theoretic framework for measuring the information leakage in code-based masking. Specifically, our framework builds formal connections between coding properties and leakage metrics in side-channel analysis. Those formal connections enable us to push forward the quantitative evaluation on how the linear codes can affect the concrete security of all code-based masking schemes. Moreover, relying on our framework, we consolidate code-based masking by providing the optimal linear codes in the sense of maximizing the side-channel resistance of the corresponding masking scheme. Our framework is finally verified by attack-based evaluation, where the attacks utilize maximum-likelihood based distinguishers and are therefore optimal. Regarding the latter, we present a full spectrum of application of alpha-information, a generalization of (Shannon) mutual information, for assessing side-channel security. In this thesis, we propose to utilize a more general information-theoretic measure, namely alpha-information (alpha-information) of order alpha. The new measure also gives the upper bound on success rate and the lower bound on the number of measurements. More importantly, with proper choices of alpha, alpha-information provides very tight bounds, in particular, when alpha approaches to positive infinity, the bounds will be exact. As a matter of fact, maximum-likelihood based distinguishers will converge to the bounds. Therefore, we demonstrate how the two world, information-theoretic measures (bounds) and maximum-likelihood based side-channel attacks, are seamlessly connected in side-channel analysis .In summary, our study in this thesis pushes forward the evaluation and consolidation of side-channel security of cryptographic implementations. From a protection perspective, we provide a best-practice guideline for the application of code-based masking. From an evaluation perspective, the application of alpha-information enables practical evaluators and designers to have a more accurate (or even exact) estimation of concrete side-channel security level of their cryptographic chips.
Complete list of metadata
Contributor : ABES STAR :  Contact
Submitted on : Tuesday, December 28, 2021 - 8:01:07 PM
Last modification on : Tuesday, January 18, 2022 - 12:24:01 PM
Long-term archiving on: : Tuesday, March 29, 2022 - 6:30:20 PM


Version validated by the jury (STAR)


  • HAL Id : tel-03504182, version 1


Wei Cheng. What can information guess ? : Towards information leakage quantification in side-channel analysis. Information Theory [cs.IT]. Institut Polytechnique de Paris, 2021. English. ⟨NNT : 2021IPPAT044⟩. ⟨tel-03504182⟩



Record views


Files downloads