Skip to Main content Skip to Navigation
New interface
Preprints, Working Papers, ...

The Indiscernibility Methodology: quantifying information leakage from side-channels with no prior knowledge

Abstract : Cyber security threats are important and growing issues in computing systems nowadays. Among them are the side-channel attacks, made possible by information leaking from computing systems through nonfunctional properties like execution time, consumed energy, power profiles, etc. These attacks are especially difficult to protect from, since they rely on physical measurements not usually envisioned when designing the functional properties of a program. Furthermore, countermeasures are usually dedicated to protect a particular program against a particular attack, lacking universality. To help fight these threats, we propose in this paper the Indiscernibility Methodology, a novel methodology to quantify with no prior knowledge the information leaked from programs, thus providing the developer with valuable security metrics, derived either from topology or from information theory. Our original approach considers the code to be analyzed as a completely black box, only the public inputs and leakages being observed. It can be applied to various types of side-channel leakages: time, energy, power, EM, etc. In this paper, we first present our Indiscernibility Methodology, including channels of information and our threat model. We then detail the computation of our novel metrics, with strong formal foundations based both on topological security (with distances defined between secret-dependent observations) and on information theory (quantifying the remaining secret information after observation by the attacker). Then we demonstrate the applicability of our approach by providing experimental results for both time and power leakages, studying both average case-, worst case-and indiscernible information metrics.
Complete list of metadata

https://hal.inria.fr/hal-03793085
Contributor : Olivier Zendra Connect in order to contact the contributor
Submitted on : Friday, September 30, 2022 - 4:17:54 PM
Last modification on : Tuesday, October 25, 2022 - 4:17:45 PM

File

2022-09-30_indiscernibility_au...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03793085, version 1

Citation

Yoann Marquer, Olivier Zendra, Annelie Heuser. The Indiscernibility Methodology: quantifying information leakage from side-channels with no prior knowledge. 2022. ⟨hal-03793085⟩

Share

Metrics

Record views

41

Files downloads

44