Navigation and service

BSI - Federal Office for Information Security (Link to homepage)

Side-Channel Resistance

Side-channel and fault attacks are currently among the most successful methods of attacking smartcards and similar products and represent a serious threat to the security of cryptographic implementations. In side-channel attacks, insights are gained from physical effects during the processing of sensitive data. Observable effects are, for example, runtime behavior, energy consumption, electromagnetic emanation and cache behaviour.

Side-channel attacks therefore play an important role in approval or certification processes (e.g. as part of the Common Criteria (CC)). It is of fundamental importance to know the strongest attack methods in order to analyse the side-channel resistance of implementations/products and to be able to adequately assess the effectiveness of algorithmic countermeasures. In particular, a large number of attacks are now known that must be taken into account as part of a side-channel-resistant implementation of cryptographic mechanisms. The latter use software and hardware countermeasures to reduce these undesirable side effects, e.g. by masking the processing of sensitive data and performing it in constant time.

Even if a completely side-channel-free implementation is not possible, adequate measures can be taken to ensure that a side-channel attack is practically impossible. In principle, the fewer observable effects can be used for side-channel analysis, the more expensive is the equipment required to measure the effects and the more measurement data is needed to separate an exploitable signal from the superimposed noise using statistical methods.

The BSI provides a basic document on this topic and has formulated guidelines for the evaluation and certification of implementations regarding their side-channel resistance, which are part of the AIS 46:

Basics:
Basics of Evaluating Side-Channel and Fault Attack Resistance

RSA-Guide:
Guidelines for Evaluating Side-Channel-Attack Resistance of RSA, DSA and Diffie-Hellman Key Exchange Implementations

ECC-Guide:
Guidelines for Evaluating Side-Channel and Fault Attack Resistance of Elliptic Curve Implementations

KI-Guide:
Guidelines for Evaluating Machine-Learning based Side-Channel Attack Resistance

Similar topics

Back to Cryptography