Side-Channel Attacks and Countermeasures

Contact: Lars Tebelmann, Thomas Schamberger 

Side-channel analysis represents a major threat to the security of cryptographic embedded devices. By passively monitoring the activity of a device, side-channel information can be obtained, e.g. by measuring the variations of the electromagnetic field over the chip surface or by recording power consumption. The information a device leaks during a computation can be exploited with statistical analysis in so-called side-channel attacks.

Over the last two decades, a variety of side-channel attacks have been proposed. In response, many implementation countermeasures have been developed to thwart them. This contest between novel attacks and countermeasures remains an active research area. The main challenge in the field of secure implementations is to find the best trade-off between standard design constraints such as speed, area and power consumption and physical security constraints such as side-channel countermeasures.
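To make the statistical analysis and the countermeasure evaluation described above concrete, here is an added example (not the chair's code): a fixed-vs-random Welch t-test, the TVLA-style leakage assessment commonly used to check an implementation, run on simulated traces of a toy unmasked and a first-order Boolean-masked S-box lookup. The Hamming-weight leakage model, the 4-bit S-box, the noise level and the fixed input are constructed assumptions of the toy model; the 4.5 threshold is the customary bound for declaring no first-order leakage.

```python
import random

# Added example, not the chair's code. Toy leakage model: every processed value
# leaks its Hamming weight plus Gaussian noise. The 4-bit S-box, the noise level
# and the fixed input are constructed for illustration only.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
SIGMA = 0.3       # noise standard deviation of the toy model
THRESHOLD = 4.5   # customary |t| bound for "no first-order leakage detected"

def hw(v):
    return bin(v).count("1")

def leak_unmasked(x, rng):
    # The device computes S(x) in the clear: the sample depends on x directly.
    return hw(SBOX[x]) + rng.gauss(0, SIGMA)

def leak_masked(x, rng):
    # First-order Boolean masking with a fresh mask m: only the shares x ^ m
    # and m are handled. Both shares are modelled as leaking in one sample,
    # so the mean is secret-independent but the variance is not.
    m = rng.randrange(16)
    return hw(x ^ m) + hw(m) + rng.gauss(0, SIGMA)

def welch_t(a, b):
    # Welch's t-statistic between two sample sets, plain Python.
    def stats(s):
        n = len(s)
        mean = sum(s) / n
        return mean, sum((v - mean) ** 2 for v in s) / (n - 1) / n
    ma, va = stats(a)
    mb, vb = stats(b)
    return (ma - mb) / (va + vb) ** 0.5

def tvla(leak, fixed_in=0xF, n=2000, seed=1, order=1):
    # Group A always processes fixed_in, group B a fresh random input.
    # For order 2 each group is centred and squared first, the usual
    # pre-processing to expose univariate second-order (variance) leakage.
    rng = random.Random(seed)
    groups = [[leak(fixed_in, rng) for _ in range(n)],
              [leak(rng.randrange(16), rng) for _ in range(n)]]
    if order == 2:
        means = [sum(g) / n for g in groups]
        groups = [[(v - mu) ** 2 for v in g] for g, mu in zip(groups, means)]
    return welch_t(*groups)

if __name__ == "__main__":
    for name, leak in (("unmasked", leak_unmasked), ("masked", leak_masked)):
        t1, t2 = abs(tvla(leak, order=1)), abs(tvla(leak, order=2))
        print(f"{name:8s}  |t| order 1: {t1:5.1f}   order 2: {t2:5.1f}")
```

The masked variant passes the first-order test but fails the second-order one because both shares leak in the same sample; the fixed input is chosen so that this variance difference is visible, which illustrates a known caveat of fixed-vs-random testing: the verdict depends on the fixed value used.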

The Chair for Security in Information Technology focuses on side-channel analysis and the development of countermeasures for Post-Quantum Cryptography and Physical Unclonable Functions (PUFs).

With the advent of Post-Quantum Cryptography, new cryptographic algorithms are being proposed and deployed. It is vital for the security of many systems that possible attacks on these algorithms are well studied. Understanding attacks enables implementations that resist side-channel attacks and allows for the design of appropriate countermeasures.

PUFs exploit manufacturing variations to provide secure cryptographic keys for devices without secure key storage. However, additional algorithms are needed to compensate for unreliable PUF outputs. Investigating side-channel analysis of the PUF primitive itself as well as of the additional circuitry makes it possible to derive suitable countermeasures.

Research topics:

  • Side-channel analysis of Post-Quantum Cryptography
  • Side-channel analysis of PUFs and the algorithms for their use
  • Countermeasures against side-channel attacks

Course Offered:

Selected Publications

Kulow, Alexander; Schamberger, Thomas; Tebelmann, Lars; Sigl, Georg: Finding the Needle in the Haystack: Metrics for Best Trace Selection in Unsupervised Side-Channel Attacks on Blinded RSA. IEEE Transactions on Information Forensics and Security 16, 2021, pp. 3254-3268.

Unterstein, Florian; Schink, Marc; Schamberger, Thomas; Tebelmann, Lars; Ilg, Manuel; Heyszl, Johann: Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers. IACR Transactions on Cryptographic Hardware and Embedded Systems 2020 (4), 2020, pp. 365-388.

Tebelmann, Lars; Pehl, Michael; Immler, Vincent: Side-Channel Analysis of the TERO PUF. Constructive Side-Channel Analysis and Secure Design (COSADE), Springer International Publishing, Darmstadt, Germany, 2019.

Schamberger, Thomas; Mischke, Oliver; Sepulveda, Johanna: Practical Evaluation of Masking for NTRUEncrypt on ARM Cortex-M4. Constructive Side-Channel Analysis and Secure Design (COSADE), Springer International Publishing, 2019.

Seuschek, Hermann; Guillen, Oscar; De Santis, Fabrizio: Side-Channel Leakage Aware Instruction Scheduling. 4th Workshop on Cryptography and Security in Computing Systems (CS2 2017), HiPEAC 2017, Stockholm, Sweden, 2017.

Tebelmann, Lars; Pehl, Michael; Sigl, Georg: EM Side-Channel Analysis of BCH-based Error Correction for PUF-based Key Generation. Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security (ASHES '17), ACM, New York, NY, USA, 2017.

Unterstein, Florian; Heyszl, Johann; De Santis, Fabrizio; Specht, Robert: Dissecting Leakage Resilient PRFs with Multivariate Localized EM Attacks - A Practical Security Evaluation on FPGA. 8th International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), Paris, France, 2017.

De Santis, Fabrizio; Bauer, Tobias; Sigl, Georg: Hiding Higher-Order Univariate Leakages by Shuffling Polynomial Masking Schemes - A More Efficient, Shuffled, and Higher-Order Masked AES S-box. Theory of Implementation Security Workshop (TIs 2016), ACM CCS, Vienna, Austria, 2016, 10 pages.

De Santis, Fabrizio; Bauer, Tobias; Sigl, Georg: Squeezing Polynomial Masking in Tower Fields - A Higher-Order Masked AES S-Box. 15th Smart Card Research and Advanced Application Conference (CARDIS 2016), Cannes, France, 2016, pp. 192-208.

De Santis, F.; Kasper, M.; Mangard, S.; Sigl, G.; Stein, O.; Stöttinger, M.: On the Relationship Between Correlation Power Analysis and the Stochastic Approach: an ASIC Designer Perspective. Proceedings of the 14th International Conference on Cryptology in India (INDOCRYPT), Lecture Notes in Computer Science vol. 8250, Mumbai, India, 7-10 December 2013, pp. 215-226.

Belaid, S.; De Santis, F.; Heyszl, J.; Mangard, S.; Medwed, M.; Schmidt, J.-M.; Standaert, F.-X.; Tillich, S.: Towards Fresh Re-Keying with Leakage-Resilient PRFs: Cipher Design Principles and Analysis. Proceedings of PROOFS 2013 (Security Proofs for Embedded Systems), Santa Barbara, California, August 2013.

Heyszl, J.; Merli, D.; Heinz, B.; De Santis, F.; Sigl, G.: Strengths and Limitations of High-Resolution Electromagnetic Field Measurements for Side-Channel Analysis. Proceedings of the 11th Smart Card Research and Advanced Application Conference (CARDIS), Lecture Notes in Computer Science vol. 7771, Graz, Austria, November 2012, pp. 248-262.