Side-channel leak detection methods for cryptographic information security tools

Abstract

The analysis of the parameters of hardware implementations of cryptographic information security tools is one of the promising areas for searching for vulnerabilities in information security tools. Cryptographic transformations underlying the applied software or hardware-software tools of information protection are either mathematically or computationally robustness. To guarantee the computational robustness of a cryptographic algorithm, it is fundamentally important to assess the possibility of including additional information about the ongoing cryptographic transformations to the attack model. Sources of such information about the operation of a cryptographic tool can be: the time of performing various cryptographic operations, the power consumption of devices during the encryption of various data blocks, electromagnetic, vibroacoustic and other emitting that occurs during the operation of hardware information security devices, specially created computational errors (faults). The article observes the approaches used to detect leaks through side-channels based on the analysis of the power consumption of cryptographic information protection tools during performing data encryption. The use of a hardware device emulator to search for statistical dependencies between the device’s power consumption and the encrypted data set that occurs in hardware implementations of cryptographic systems is described.