Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.687064
Title: Dual-phase side-channel evaluations : leakage detection and exploitation
Author: Mather, Luke
ISNI:       0000 0004 5921 7749
Awarding Body: University of Bristol
Current Institution: University of Bristol
Date of Award: 2015
Availability of Full Text:
Access through EThOS:
Abstract:
Side-channel analysis may be used by an adversary to recover secret information from some form of environmental data emitted by a cryptographic device or application. In this thesis, we discuss some of the challenges faced by evaluation bodies attempting to certify the resistance of devices and applications to side-channel attacks, with relevance to the development of the Common Criteria version 3.1 and FIPS 140-3 standardisation documents. We separate this question into two components: identifying the presence of information leakage in a detection phase, and determining the exact level of the resistance of a device in an exploitation phase. We explore these two components when applied to information leakage in cryptographic hardware and networked web applications. For the detection phase, we demonstrate how various hypothesis tests can be used to reliably detect the presence of information leakage, either as part of a "pass or fail" style approach or to identify instances of leakage warranting further investigation. For the exploitation phase, we present a novel method for combining the results of multiple differential power analysis attacks, finding that in some cases we can dramatically increase the success rate of an adversary using the same data set. We also focus on the implications of the growth in high-performance computing technologies on the evaluation processes, demonstrating that dramatic decreases in the running time of common algorithms can be achieved using modern general purpose graphics processing unit devices and a pipelined architecture. This suggests that the efficiency of the implementation of an attack should be of concern to side-channel evaluators and researchers.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.687064  DOI: Not available
Share: