image image
Santos Merino del Pozo and Alberto Battistello at Hardwear Netherlands 2021

Santos Merino del Pozo and Alberto Battistello

TII & Security Pattern

Side-Channel Analysis - a learn-by-example approach

Talk Title:

Side-Channel Analysis - a learn-by-example approach


Nowadays, side-channel analysis (SCA) still remains one of the fundamental tools in the tool chest of security evaluators of smartcards and embedded devices. The main goal of this workshop is to give an introduction to SCA using open source frameworks and datasets, showing that it is possible to learn and conduct research on this topic without having to invest money in equipment or tools such as oscilloscopes.

Technical topics that will be covered: side-channel analysis, power analysis attacks, EMA attacks, countermeasures, open-source tools

Flow of the workshop:

  • Introduction to power and EM analysis
    • Fundamental theory and practice aspects (e.g., DPA, Template, SASCA, Deep learning)
    • Open source SCA evaluation frameworks
      • Lascar (Ledger), SCALib (UCLouvain), SCAred (eshard)
  • Quick introduction to our target: the AES block cipher
    • Review the algorithm
  • Attacks using simulated leakages
    • Main idea and purpose
    • "Project Power" challenge from ICHSA CTF 2021
    • Open source SCA leakage emulation frameworks
      • ELMO, GILES, Rainbow
  • Attacks against unprotected implementations
    • Datasets from ChipWhisperer Lite board running the AES Furious implementation
  • Attacks against low-security implementations
    • Overview of the countermeasure
    • ASCAD dataset: first-order Boolean masked AES implementation on an ATMEGA8515
  • Attacks against high-security implementations
    • Overview of the countermeasures
    • ASCADv2 dataset: AES implementation using affine masking and shuffling on an 32-bit Cortex-M ARM
  • Moving forward
    • Other datasets and CTFs to play with (including ECC implementations)
    • Going real: basic equipment to start collecting you own traces with a low budget

Speaker Bio:

Santos Merino del Pozo is Principal Cryptographer at the Cryptography Research Centre (CRC), Technology Innovation Institute, a cutting-edge UAE-based scientific research centre. In this capacity, he heads the hardware engineering and hardware security research teams at CRC.

Santos brings to his role expertise in cryptography, secure subsystem lifecycle development, design and development of cryptographic IP cores, security evaluations (side-channel analysis, fault-injection), as well as hardware design and implementation security (side-channel analysis, fault-injection).

Prior to joining TII, Santos worked at Dark Matter, UAE as Senior Security Researcher and earlier as Security Analyst at Inside Secure, then known as Verimatrix, a silicon IP and secure protocols company based in Glasgow, Scotland.

Earlier in his career, he was Research Assistant at the Universiteì Catholique de Louvain, where he worked with the Crypto team on side-channel analysis.

His research interests include cryptography, side-channel analysis and fault injection attacks, and the application of failure analysis techniques for hardware security.

A widely published author of multiple research papers on these areas of interest,

Santos has also co-authored three patents on cryptographic protocols for the Internet of Things. Santos Merino del Pozo holds a Master of Science in Computer Engineering from University of Cantabria, in Cantabria, Spain.

Alberto holds a master degree in computer engineering from the university of Padova, Italy, a master degree in cryptography and computer security from the university of Bordeaux, France, and a Ph.D in cryptography from university of Versailles-Saint-Quentin-en-Yvelines, France.

Alberto worked on white box cryptography during its internship at Apple in 2011, then moved to Oberthur Technologies (now IDEMIA), working as specialist engineer on security from 2011 to 2020.

During his work in IDEMIA he worked on security evaluations of embedded systems against side-channel and fault attacks, development of attack tools and countermeasures. He was also responsible for the design and development of IDEMIA’s whitebox cryptography product. Alberto joined Security Pattern in fall 2020 with the role of senior security engineer, his current tasks varies from security development and evaluations, trainings on physical attacks and secure coding, in particular for the IoT ecosystem.

Alberto was lecturer at the University of Bordeaux for the course of SmartCard security from 2013 to 2019.

Alberto is co-author of 8 scientific papers and is co-author of 10 registered patents.