Side Channels: Attacks, Defences, and Evaluation Schemes (Part 2)

Abstract: In this two part lecture series we will review the current research and industrial practice in relation to side channel attacks that exploit power/EM, and to some extent timing, leakage. In the first part we will focus on attacks and defences: we will cover single and multi target attacks, and review and illustrate how defences change the signal to noise ratio, thereby increasing the complexity of attacks. We will touch on the tension between provable security for defences and real world obstacles in bringing theory into practice. In the second part we will focus on methods and metrics to judge attacks (or equivalently the robustness of implementations). We intend to cover concepts such as key rank and leakage detection, and review how evaluation schemes (with a focus on NIST 140-3/ISO 17825 and CC) approach evaluations. In both parts of the talk we will pay attention to the ongoing NIST competitions (lightweight and post quantum), and seek to provide useful links.