To use our site, you agree to the use of cookies and data processing according to our privacy statement.

Understanding Leakage Detection

Learn how to grasp the intuition behind leakage detection methodologies in this free online course.

Access this course now

Leakage detection plays an increasingly important role in the security evaluation of cryptographic devices. A particularly popular approach is the Test Vector Leakage Assessment framework proposed by Cryptography Research Inc. This consists of a suite of simple statistical tests tailored to either confirm or rule out many typical forms of side-channel vulnerabilities. However, if TVLA-style evaluations are performed without an adequate understanding of the statistical theory underpinning them, the risks are that tests may be misapplied, that outcomes may be misunderstood, and that conclusions may be overstated.

The aim of this tutorial is to help you grasp the intuition behind leakage detection methodologies and achieve a sound technical appreciation of how and why they work. We will motivate and describe the current popular practice, including correlation-based tests, and expose some of the limitations, with a special focus on ISO standard 17825. By the end of this tutorial you will be equipped to carry out leakage detection tests sensibly and interpret the outcomes responsibly.

This tutorial is created in collaboration with the crypto research groups of University of Bristol and Université Catholique de Louvain, as part of the REASSURE project.

Access this course here