Communications in Cryptology IACR CiC

SoK: A Methodology to Achieve Provable Side-Channel Security in Real-World Implementations

Authors

Sonia Belaïd, Gaëtan Cassiers, Camille Mutschler, Matthieu Rivain, Thomas Roche, François-Xavier Standaert, Abdul Rahman Taleb
Sonia Belaïd
CryptoExperts, Paris, France
sonia dot belaid at cryptoexperts dot com
Gaëtan Cassiers
CryptoExperts, Paris, France
gaetan dot cassiers at uclouvain dot be
Camille Mutschler
Idemia, Courbevoie, France
camille dot mutschler at idemia dot com
Matthieu Rivain
CryptoExperts, Paris, France
matthieu dot rivain at cryptoexperts dot com
Thomas Roche
NinjaLab, Montpellier, France
thomas at ninjalab dot io
François-Xavier Standaert
UCLouvain, Louvain-la-Neuve, Belgium
fstandae at uclouvain dot be
Abdul Rahman Taleb
CryptoExperts, Paris, France
taleb dot abdulrahman1 at gmail dot com

Abstract

A wide range of countermeasures have been proposed to defend against side-channel attacks, with masking being one of the most effective and commonly used techniques. While theoretical models provide formal security proofs, these often rely on assumptions—sometimes implicit—that can be difficult to assess in practice. As a result, the design of secure masked implementations frequently combines proven theoretical arguments with heuristic and empirical validation.

Despite the significant body of work, the literature still lacks a cohesive and well-defined framework for translating theoretical security guarantees into practical implementations on physical devices. Specifically, there remains a gap in connecting provable results from abstract models to quantitative security guarantees at the implementation level.

In this Systematization of Knowledge (SoK), we aim to provide a comprehensive methodology to transform abstract cryptographic algorithms into physically secure implementations against side-channel attacks on microcontrollers. We introduce new tools to adapt the ideal noisy leakage model to practical, real-world scenarios, and we integrate state-of-the-art techniques to build secure implementations based on this model.

Our work systematizes the design objectives necessary for achieving high security levels in embedded devices and identifies the remaining challenges in concretely applying security reductions. By bridging the gap between theory and practice, we seek to provide a foundation for future research that can develop implementations with proven security against side-channel attacks, based on well-understood leakage assumptions.

History
Submitted: 2024-10-08
Accepted: 2025-03-11
Published: 2025-04-08
How to cite

Sonia Belaïd, Gaëtan Cassiers, Camille Mutschler, Matthieu Rivain, Thomas Roche, François-Xavier Standaert, and Abdul Rahman Taleb, SoK: A Methodology to Achieve Provable Side-Channel Security in Real-World Implementations. IACR Communications in Cryptology, vol. 2, no. 1, Apr 08, 2025, doi: 10.62056/aebngy4e-.

License

Copyright is held by the author(s)

This work is licensed under a Creative Commons Attribution (CC BY) license.