Side channels are a commonly exploited to derive secret information from hardware. These leak information through unintended sources, e.g., the amount of time to perform an encryption. They have been shown to be a powerful attack to extract cryptographic keys and other confidential information. There are many defenses against these timing side channel attacks. Most of them perform some sort of randomization in an attempt to mask the computation time. Yet, it has been difficult to quantify the benefit of these defenses.
Our recent research provides a metric to allow designers to determine how resilient their design is in the face of a side channel attack. While there are many metrics for hardware designers, these have focused on performance, power, and area. We developed information theoretic approaches and showed that they can be used to quantify timing-based information leakage. This is detailed in our recently accepted paper, “Quantifying Timing-Based Information Flow in Cryptographic Hardware” at the International Conference on Computer Aided Design. Vinnie will present the paper in Austin, TX in November. Congrats to all the authors: Baolei Mao, Vinnie Wei Hu, Alric Althoff, Janarbek Matai, Jason Oberg, Dejun Mu, Tim Sherwood, and Ryan Kastner.