Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.701650
Title: Side-channel information extraction and exploitation in the context of single trace attacks
Author: Banciu, Valentina
ISNI:       0000 0004 5992 5868
Awarding Body: University of Bristol
Current Institution: University of Bristol
Date of Award: 2016
Availability of Full Text:
Access through EThOS:
Abstract:
This thesis is dedicated to the study of single trace attacks, a sub-class of profiled power analysis attacks which is receiving an increased amount of attention in recent years. In practice, an adversary will consider single trace attacks when they can only get access to a limited number of power traces from the targeted device but have unlimited access to an identical test device. This scenario is highly realistic, and even implementations protected with simple countermeasures such as masking or shuffling remain theoretically vulnerable. As a natural representation of the above specified preconditions, single trace attacks generally consist of two interdependent phases: side-channel information extraction and exploitation. Our goal is to study the trade-off between the invested effort in the first phase and the subsequent required effort in the second phase. This information can be used to e.g. assess the feasibility or 'budget' the effort when considering specific implementations. From this perspective, the first question we ask is which classifiers or methods are most likely to return the correct side-channel information among their first (say s) ranked outputs. We investigate multiple combinations of data transformation techniques, feature selection algorithms and machine learning classifiers, utilising two data sets with different leakage characteristics. We systematically report results considering increasing numbers of points of interest and training traces. Next, we compare and contrast the two classic approaches (which we call 'pragmatic' and 'elegant') to information exploitation. Attacks from the first category are more error-resilient, in the sense that they allow for s taking relatively larger values. We then describe a pragmatic attack in a scenario that we consider to be ~ore realistic than previously tested, and possible optimisations. Finally, targeting publicly available software implementations for a suite of encryption algorithms, we investigate which cipher properties contribute to the success of single trace attacks.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.701650  DOI: Not available
Share: