Modeling the information leakage of embedded cryptographic devices.

In the information age, more and more data is processed, transferred and stored in electronic form. In many applications, small electronic devices that implement security mechanisms are provided to users to secure valuable information. While the security mechanisms are effective in their theoretical descriptions, their implementations in devices are subject to more threats. Just like one observes that it takes more time to add 47 and 24 than it takes to add 1 and 1, implementations of security mechanisms in devices leak sensitive information. This information facilitates circumventing the security mechanism significantly. This research project deals with modeling the information leakage of devices. The first goal is to formulate and define a notion for the quality of a leakage model, and to develop procedures that allow to measure how well a model fits a device. The second goal concerns the design of security mechanisms that take the information leakage of their implementations into account. The goal is to derive assumptions about the information leakage that are realistic yet simple enough to work with in theory, and to devise methods that allow to validate if a given device fulfills the assumptions.

Keywords:Embedded system, Cryptography, IT security, Side channel analysis, Information leakage

Disciplines:Other engineering and technology