Sound and Early Assessment of Leakage for Embedded Software

Side channel attacks use, alongside information such as plaintexts or ciphertexts, leakage about the (secret) keydependent intermediate state(s), and deliver a `key ranking' as a result. Kocher's attacks showed, that formany practical implementations, observing a few encryptions made complete key recovery possible in practice. The academic research into combating these attacks so far has largely focused on approaches and tools to equip specialisedcryptographic engineers with access to a specialist lab and tools. The research hypothesis of this CoG is that one can make meaningful statements about the leakage behaviour ofarbitrary implementations on small devices by utilising a-priori derived (instruction level) leakage models. Our visionis to enable developers with limited domain-specific knowledge to perform side channel evaluations at design timewithout access to a fully equipped lab, by creating tools and methodologies that integrate a priori derived instructionlevel leakage models into a standard compiler.

This vision is articulated in three overarching research objectives:

1. Designing novel profiling strategies including novel leakage acquisition techniques to generate leakagemodels for a specific target device.

2. Developing fast and comprehensive methods to support rapid evaluations (WP2).

3. Integration of semantics, syntax and tools capable of using profiling information into a standard compilerwith the aim to evaluate and improve the side channel resilience of the target code. 

Addressing these goals simultaneously is required to make substantial progress towards the overall vision of thisproject. As a final result, we will make demonstrators available: using a off-the shelf components, we supply thenecessary tools and compiler enhancements including samples of cryptographic implementations to conduct analysesand demonstrate improvements regarding side channel resilience. 

Schlagworte: Side channel analysis, leakage resilient, physical security
Kurztitel: SEAL
Zeitraum: 01.06.2019 - 31.08.2023
Homepage: -



Projekttyp Forschungsförderung (auf Antrag oder Ausschreibung)
Förderungstyp §27
  • Angewandte Forschung
  • 1020 - Informatik
  • Humans in the Digital Age
Genderrelevanz Genderrelevanz nicht ausgewählt
  • Science to Science (Qualitätsindikator: I)
Klassifikationsraster der zugeordneten Organisationseinheiten:
Arbeitsgruppen Keine Arbeitsgruppe ausgewählt


Horizon 2020
Organisation: European Commission

Organisation: European Commission


Keine Kooperationspartner ausgewählt