Essential Side Channel Analysis Training
Modern electronic systems may leak unintended information through side channels such as the instantaneous power consumption, and electromagnetic radiation. Analyzing the impact of such leakage is known as side channel analysis (SCA). Although standard practice in some industries, the threat of leaking secrets via side channels can be underestimated or ignored.
Regardless of your background, this training is designed to help you understand what makes SCA easy and what makes it difficult. You learn the practice of side channel analysis from the developers of the best-in-class analysis tools and apply the gained knowledge to your embedded device. Avoid costly development, should a leak be discovered by a third party.
Duration: 3 days
Type: Classroom/Hands-on exercises
Who is this training for?
This course is intended for evaluators looking to get a better grip on performing side channel testing, government organizations seeking to analyze the threat posed by state-of-the-art side channel attack, or Inspector customers. The course is equally interesting for manufacturers, security evaluators and researchers evaluating side channel tooling to expand or renew their setup.
Aims and Objectives
This course provides the foundation knowledge and skills to evaluate the resistance of cryptographic implementations to side channel analysis. The main learning objective of the three day training is the methodology of applying SCA to a wide range of devices from the very simple, unprotected smartcards to implementations protected with advanced countermeasures or complex embedded applications.
While the concepts we teach are generic and can be replicated using different equipment, during the training we use our Riscure Inspector tool. We can effectively demonstrate a wide range of SCA concepts using this class-leading tool that combines precise hardware and constantly updated software to help you protect your device against the most advanced hardware attacks.
“I would tell that it covers basic as well as advanced topics that would take someone from knowing almost nothing in SCA to a position where he can directly start working in that field”.
“It is a good way to get up to speed with side channel attacks and how to use a lot of the software. You learn a lot of good techniques that you wouldn’t come by on your own necessarily”.
“A very useful and interactive training to get a crash course on performing SCA and FI attacks on real hardware”.
Side Channel Analysis in action
Guessing the correct value of a four digit PIN takes typically 500000 trials. Suppose the adversary has access to the power consumed by the device while verifying the PIN code. The traces look like this:
Can you guess by how many orders of magnitude the search space is reduced? (Hint: order of 10)