- Webinar |
- USA 2024 |
- Netherlands 2023 |
- USA 2023 |
- Netherlands 2022 |
- USA 2022 |
- Netherlands 2021 |
- USA 2021 |
- Germany 2021 |
- Berlin 2021 |
- Netherlands 2020 |
- Virtual Con 2020 |
- Berlin 2020 |
- Netherlands 2019 |
- USA 2019 |
- Berlin 2019 |
- Netherlands 2018 |
- Berlin 2018 |
- Netherlands 2017 |
- Netherlands 2016 |
- Netherlands 2015
Side-Channel Attacks 101
26th - 27thApril | 2 Days
Trainers
Lejla Batina & Kostas Papagiannopoulos
Course outline
Modern cryptography has produced a multitude of secure ciphers that protect our daily electronic transactions. However, once the cipher is implemented on a physical device (microprocessor, FPGA, ASIC etc.) it becomes vulnerable to side-channel attacks. Side-channel attacks are a unique intersection of cryptography, electronics and statistics, pervading all aspects of modern hardware security. The attacks monitor closely the power consumption or electromagnetic emission of a cryptographic device and they are able to extract the secret key using statistical techniques. In this training course we will provide an introduction to side-channel analysis, showcasing the core techniques for key recovery. During the course the students will get the chance to develop several basic side-channel tools in Matlab/Octave. Subsequently they will use them to perform attacks on datasets in order to extract the secret key.
Course sections
Introduction to side-channel attacks
- Basic concepts and background information
- Side-channel leakage modeling
- Simple power analysis
- Differential power analysis
Correlation power analysis in software and hardware
- Assignment 1: Extracting the cipher key from the electromagnetic emission of an ARM Cortex-M4 processor
- Assignment 2: Extracting the cipher key from the power consumption of an FPGA-based AES implementation
Template attacks
- Probability theory and statistics
- Step-by-step guide to profile and exploit a device's side-channel
- Assignment 3: Template building/matching using the electromagnetic emission of an industrial control system
Higher order attacks
- Introduction to side-channel countermeasures (masking, shuffling, etc.)
- Higher-order side-channel attacks
- Assignment 4: Second-order attack using correlation and templates on a masking countermeasure implemented on an AVR smartcard
Who should attend the course
- Researchers and students who want to learn the core techniques of side-channel analysis
- Penetration testers, auditors and evaluators of secure embedded devices
- Developers of secure IoT products
- Any embedded security enthusiast
What should attendees bring
- Laptop with Windows or Linux
- Matlab or Octave installed
What will be provided
- Lecture slides and assignments
- Matlab code and examples
- Side-channel datasets captured from AVR/ARM processors and FPGA implementations
About the Trainers
Lejla Batina
Lejla Batina studied and worked as a research assistant at the Technical University Eindhoven where she got her professional doctorate in Engineering degree in Mathematics for Industry - in 2001. After that she worked as a cryptographer for Pijnenburg - Securealink (later SafeNet, BV), in Vught, The Netherlands. She got her Ph.D. degree from KU Leuven, Belgium in 2005 where she also continued with postdoctoral research. She is currently a professor in the Digital Security group of the Computing Science Department at the Radboud University and active participant in the CHES and IACR communities. Her research interests are hardware security, lightweight cryptography, cryptography for pervasive computing (smart cards, RFIDs, etc.), side-channel attacks/countermeasures and implementations of cryptography.
Kostas Papagiannopoulos
Kostas Papagiannopoulos received a degree in Electrical and Computer engineering from the National Technical University of Athens, Greece in 2011. He received his joint M.Sc. in Information Security from Radboud University, Technical University Eindhoven and University of Twente in 2014. He is currently a Ph.D. candidate in the Digital Security group of Radboud University in Nijmegen, the Netherlands. In addition he was a research visitor at the Riscure testing/evalution lab in Delft, in 2016. His research interests are side-channel attacks and countermeasures, high-performance cryptographic implementations, machine learning and information theory.