Loading…

The Side-channel Metrics Cheat Sheet

Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have b...

Full description

Saved in:

Bibliographic Details
Published in:	ACM computing surveys 2023-10, Vol.55 (10), p.1-38, Article 216
Main Authors:	Papagiannopoulos, Kostas, Glamočanin, Ognjen, Azouaoui, Melissa, Ros, Dorian, Regazzoni, Francesco, Stojilović, Mirjana
Format:	Article
Language:	English
Subjects:	Computer science Cryptanalysis and other attacks Cryptography Security Security and privacy Side-channel analysis and countermeasures
Citations:	Items that this one cites Items that cite this one
Online Access:	Get full text
Tags:	Add Tag No Tags, Be the first to tag this record!

cited_by	cdi_FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043
cites	cdi_FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043
container_end_page	38
container_issue	10
container_start_page	1
container_title	ACM computing surveys
container_volume	55
creator	Papagiannopoulos, Kostas Glamočanin, Ognjen Azouaoui, Melissa Ros, Dorian Regazzoni, Francesco Stojilović, Mirjana
description	Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have been adopted or defined to express and quantify side-channel security. These metrics can relate to one another, but also conflict in terms of effectiveness, assumptions, and security goals. In this work, we review the most commonly used metrics in the field of side-channel analysis. We provide a self-contained presentation of each metric, along with a discussion of its limitations. We practically demonstrate the metrics on examples of relevant implementations of the Advanced Encryption Standard (AES), and make the software implementation of the presented metrics available to the community as open source. This work, being beyond a survey of the current status of metrics, will allow researchers and practitioners to produce a well-informed security evaluation through a better understanding of its supporting and summarizing metrics.
doi_str_mv	10.1145/3565571
format	article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2866449315</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2866449315</sourcerecordid><originalsourceid>FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043</originalsourceid><addsrcrecordid>eNo90E1Lw0AQBuBFFIxVvHsKKHiKzmR2N81RQv2AiofWc9jdTEhKm9Td9OC_N5Lq6YWZhxl4hbhGeECU6pGUVirDExHhmElGEk9FBKQhAQI4FxchbAAglagjcbduOF61FSeuMV3H2_idB9-6EBcNmyFeNczDpTirzTbw1TFn4vN5sS5ek-XHy1vxtExMSmpIjDKUoZMI7FKwFdg8c6mmOVo2NqcacjJKEuo8VTwOLRm00pKqdFaBpJm4ne7uff914DCUm_7gu_Flmc61ljInVKO6n5TzfQie63Lv253x3yVC-VtBeaxglDeTNG73j_6WP2gOUoA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2866449315</pqid></control><display><type>article</type><title>The Side-channel Metrics Cheat Sheet</title><source>EBSCOhost Business Source Ultimate</source><source>Association for Computing Machinery:Jisc Collections:ACM OPEN Journals 2023-2025 (reading list)</source><creator>Papagiannopoulos, Kostas ; Glamočanin, Ognjen ; Azouaoui, Melissa ; Ros, Dorian ; Regazzoni, Francesco ; Stojilović, Mirjana</creator><creatorcontrib>Papagiannopoulos, Kostas ; Glamočanin, Ognjen ; Azouaoui, Melissa ; Ros, Dorian ; Regazzoni, Francesco ; Stojilović, Mirjana</creatorcontrib><description>Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have been adopted or defined to express and quantify side-channel security. These metrics can relate to one another, but also conflict in terms of effectiveness, assumptions, and security goals. In this work, we review the most commonly used metrics in the field of side-channel analysis. We provide a self-contained presentation of each metric, along with a discussion of its limitations. We practically demonstrate the metrics on examples of relevant implementations of the Advanced Encryption Standard (AES), and make the software implementation of the presented metrics available to the community as open source. This work, being beyond a survey of the current status of metrics, will allow researchers and practitioners to produce a well-informed security evaluation through a better understanding of its supporting and summarizing metrics.</description><identifier>ISSN: 0360-0300</identifier><identifier>EISSN: 1557-7341</identifier><identifier>DOI: 10.1145/3565571</identifier><language>eng</language><publisher>New York, NY: ACM</publisher><subject>Computer science ; Cryptanalysis and other attacks ; Cryptography ; Security ; Security and privacy ; Side-channel analysis and countermeasures</subject><ispartof>ACM computing surveys, 2023-10, Vol.55 (10), p.1-38, Article 216</ispartof><rights>Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from</rights><rights>Copyright Association for Computing Machinery Oct 2023</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043</citedby><cites>FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043</cites><orcidid>0000-0003-2011-5633 ; 0000-0001-5649-5020 ; 0000-0002-5008-1756 ; 0000-0001-5873-0960 ; 0000-0001-6385-0780 ; 0000-0001-8275-8365</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,777,781,27906,27907</link.rule.ids></links><search><creatorcontrib>Papagiannopoulos, Kostas</creatorcontrib><creatorcontrib>Glamočanin, Ognjen</creatorcontrib><creatorcontrib>Azouaoui, Melissa</creatorcontrib><creatorcontrib>Ros, Dorian</creatorcontrib><creatorcontrib>Regazzoni, Francesco</creatorcontrib><creatorcontrib>Stojilović, Mirjana</creatorcontrib><title>The Side-channel Metrics Cheat Sheet</title><title>ACM computing surveys</title><addtitle>ACM CSUR</addtitle><description>Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have been adopted or defined to express and quantify side-channel security. These metrics can relate to one another, but also conflict in terms of effectiveness, assumptions, and security goals. In this work, we review the most commonly used metrics in the field of side-channel analysis. We provide a self-contained presentation of each metric, along with a discussion of its limitations. We practically demonstrate the metrics on examples of relevant implementations of the Advanced Encryption Standard (AES), and make the software implementation of the presented metrics available to the community as open source. This work, being beyond a survey of the current status of metrics, will allow researchers and practitioners to produce a well-informed security evaluation through a better understanding of its supporting and summarizing metrics.</description><subject>Computer science</subject><subject>Cryptanalysis and other attacks</subject><subject>Cryptography</subject><subject>Security</subject><subject>Security and privacy</subject><subject>Side-channel analysis and countermeasures</subject><issn>0360-0300</issn><issn>1557-7341</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNo90E1Lw0AQBuBFFIxVvHsKKHiKzmR2N81RQv2AiofWc9jdTEhKm9Td9OC_N5Lq6YWZhxl4hbhGeECU6pGUVirDExHhmElGEk9FBKQhAQI4FxchbAAglagjcbduOF61FSeuMV3H2_idB9-6EBcNmyFeNczDpTirzTbw1TFn4vN5sS5ek-XHy1vxtExMSmpIjDKUoZMI7FKwFdg8c6mmOVo2NqcacjJKEuo8VTwOLRm00pKqdFaBpJm4ne7uff914DCUm_7gu_Flmc61ljInVKO6n5TzfQie63Lv253x3yVC-VtBeaxglDeTNG73j_6WP2gOUoA</recordid><startdate>20231001</startdate><enddate>20231001</enddate><creator>Papagiannopoulos, Kostas</creator><creator>Glamočanin, Ognjen</creator><creator>Azouaoui, Melissa</creator><creator>Ros, Dorian</creator><creator>Regazzoni, Francesco</creator><creator>Stojilović, Mirjana</creator><general>ACM</general><general>Association for Computing Machinery</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-2011-5633</orcidid><orcidid>https://orcid.org/0000-0001-5649-5020</orcidid><orcidid>https://orcid.org/0000-0002-5008-1756</orcidid><orcidid>https://orcid.org/0000-0001-5873-0960</orcidid><orcidid>https://orcid.org/0000-0001-6385-0780</orcidid><orcidid>https://orcid.org/0000-0001-8275-8365</orcidid></search><sort><creationdate>20231001</creationdate><title>The Side-channel Metrics Cheat Sheet</title><author>Papagiannopoulos, Kostas ; Glamočanin, Ognjen ; Azouaoui, Melissa ; Ros, Dorian ; Regazzoni, Francesco ; Stojilović, Mirjana</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Computer science</topic><topic>Cryptanalysis and other attacks</topic><topic>Cryptography</topic><topic>Security</topic><topic>Security and privacy</topic><topic>Side-channel analysis and countermeasures</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Papagiannopoulos, Kostas</creatorcontrib><creatorcontrib>Glamočanin, Ognjen</creatorcontrib><creatorcontrib>Azouaoui, Melissa</creatorcontrib><creatorcontrib>Ros, Dorian</creatorcontrib><creatorcontrib>Regazzoni, Francesco</creatorcontrib><creatorcontrib>Stojilović, Mirjana</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>ACM computing surveys</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Papagiannopoulos, Kostas</au><au>Glamočanin, Ognjen</au><au>Azouaoui, Melissa</au><au>Ros, Dorian</au><au>Regazzoni, Francesco</au><au>Stojilović, Mirjana</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>The Side-channel Metrics Cheat Sheet</atitle><jtitle>ACM computing surveys</jtitle><stitle>ACM CSUR</stitle><date>2023-10-01</date><risdate>2023</risdate><volume>55</volume><issue>10</issue><spage>1</spage><epage>38</epage><pages>1-38</pages><artnum>216</artnum><issn>0360-0300</issn><eissn>1557-7341</eissn><abstract>Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have been adopted or defined to express and quantify side-channel security. These metrics can relate to one another, but also conflict in terms of effectiveness, assumptions, and security goals. In this work, we review the most commonly used metrics in the field of side-channel analysis. We provide a self-contained presentation of each metric, along with a discussion of its limitations. We practically demonstrate the metrics on examples of relevant implementations of the Advanced Encryption Standard (AES), and make the software implementation of the presented metrics available to the community as open source. This work, being beyond a survey of the current status of metrics, will allow researchers and practitioners to produce a well-informed security evaluation through a better understanding of its supporting and summarizing metrics.</abstract><cop>New York, NY</cop><pub>ACM</pub><doi>10.1145/3565571</doi><tpages>38</tpages><orcidid>https://orcid.org/0000-0003-2011-5633</orcidid><orcidid>https://orcid.org/0000-0001-5649-5020</orcidid><orcidid>https://orcid.org/0000-0002-5008-1756</orcidid><orcidid>https://orcid.org/0000-0001-5873-0960</orcidid><orcidid>https://orcid.org/0000-0001-6385-0780</orcidid><orcidid>https://orcid.org/0000-0001-8275-8365</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext
identifier	ISSN: 0360-0300
ispartof	ACM computing surveys, 2023-10, Vol.55 (10), p.1-38, Article 216
issn	0360-0300 1557-7341
language	eng
recordid	cdi_proquest_journals_2866449315
source	EBSCOhost Business Source Ultimate; Association for Computing Machinery:Jisc Collections:ACM OPEN Journals 2023-2025 (reading list)
subjects	Computer science Cryptanalysis and other attacks Cryptography Security Security and privacy Side-channel analysis and countermeasures
title	The Side-channel Metrics Cheat Sheet
url	http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T08%3A32%3A15IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=The%20Side-channel%20Metrics%20Cheat%20Sheet&rft.jtitle=ACM%20computing%20surveys&rft.au=Papagiannopoulos,%20Kostas&rft.date=2023-10-01&rft.volume=55&rft.issue=10&rft.spage=1&rft.epage=38&rft.pages=1-38&rft.artnum=216&rft.issn=0360-0300&rft.eissn=1557-7341&rft_id=info:doi/10.1145/3565571&rft_dat=%3Cproquest_cross%3E2866449315%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-a235t-a5a371c410ec20bd0b97c26381beab93f093a54316925e1beb3a1b4b35d67d043%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2866449315&rft_id=info:pmid/&rfr_iscdi=true