SubsidieMeestersGeneration and Verification of Masking Countermeasures Against Side-Channel Attacks
AMAskZONE aims to create a toolbox for generating and verifying secure cryptographic implementations on embedded devices, combining empirical testing and formal verification for practical security.
Projectdetails
Introduction
Cryptography is everywhere in our daily life to ensure the confidentiality and authentication of our communications and the integrity of our records. Although there are strong expectations regarding the security of cryptographic schemes against black-box attackers whose knowledge is restricted to a few inputs or outputs, the security of their implementations is less challenged.
Vulnerabilities in Implementations
However, once implemented on embedded devices, cryptographic schemes become vulnerable to powerful side-channel attacks. The latter additionally exploit the physical leakage (e.g., power consumption) released by the device to recover the manipulated secrets. With cheap equipment, side-channel attacks may yield tremendous damage (e.g., full key recovery) within seconds. Nevertheless, the current security level of countermeasures is not yet close to that achieved in the black-box model.
Community Perspectives
The community is divided on how to assess the security of cryptographic implementations.
Practitioners vs. Theorists
- From practitioners' perspective, they need to be confronted with concrete side-channel attacks directly on embedded devices.
- Conversely, theorists consider that such an empirical approach is not portable and does not yield concrete security levels (e.g., not all attacks can be tested).
Therefore, they instead investigate security proofs based on abstract leakage models, although the latter are often too far removed from reality to yield practical security.
Project Goals
In this project, I plan to combine the advantages of both worlds with a toolbox to generate and verify cryptographic implementations with practical security. Namely, I aim to:
- Design new compilers to turn any high-level algorithm into an efficient implementation proven secure for identified concrete devices.
- Push the limits of formal verification with device characterization and polynomial complexity for industrial use.
Main Challenge
The main challenge of AMAskZONE is to design and verify cryptographic implementations so that they achieve measurable practical security.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 1.495.250 |
| Totale projectbegroting | € 1.495.250 |
Tijdlijn
| Startdatum | 1-9-2023 |
| Einddatum | 31-8-2028 |
| Subsidiejaar | 2023 |
Partners & Locaties
Projectpartners
- CRYPTOEXPERTS SASpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
SecuStack: Securing the Leaky Hardware/Software BoundarySecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks. | ERC Starting... | € 1.500.000 | 2024 | Details |
Connecting Symmetric and Asymmetric Cryptography for Leakage and FaultsThe BRIDGE project seeks to unify symmetric and asymmetric cryptography to enhance implementation security against attacks, particularly for post-quantum schemes, through innovative design strategies. | ERC Advanced... | € 2.499.560 | 2023 | Details |
Getting SYMmetric CryPtography Out of its Comfort ZONeThe SYMPZON project aims to innovate symmetric cryptography by developing new secure and efficient primitives over integer rings to enhance performance and security for emerging applications. | ERC Starting... | € 1.499.309 | 2025 | Details |
Decentralized Cryptographic SystemsThis project aims to develop robust cryptographic systems that align theoretical models with real-world challenges, enhancing security and efficiency for decentralized infrastructures. | ERC Consolid... | € 1.998.351 | 2024 | Details |
Solid Basis for Symmetric CryptographySoBaSyC aims to unify and optimize cryptanalysis techniques for symmetric cryptography, creating a comprehensive toolbox to enhance security and confidence in new cryptographic constructions. | ERC Consolid... | € 2.000.000 | 2024 | Details |
SecuStack: Securing the Leaky Hardware/Software Boundary
SecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks.
Connecting Symmetric and Asymmetric Cryptography for Leakage and Faults
The BRIDGE project seeks to unify symmetric and asymmetric cryptography to enhance implementation security against attacks, particularly for post-quantum schemes, through innovative design strategies.
Getting SYMmetric CryPtography Out of its Comfort ZONe
The SYMPZON project aims to innovate symmetric cryptography by developing new secure and efficient primitives over integer rings to enhance performance and security for emerging applications.
Decentralized Cryptographic Systems
This project aims to develop robust cryptographic systems that align theoretical models with real-world challenges, enhancing security and efficiency for decentralized infrastructures.
Solid Basis for Symmetric Cryptography
SoBaSyC aims to unify and optimize cryptanalysis techniques for symmetric cryptography, creating a comprehensive toolbox to enhance security and confidence in new cryptographic constructions.