Binary Data Analysis for Source Code Leakage Assessment

  • Adrien Facon
  • Sylvain Guilley
  • Matthieu Lec’hvien
  • Damien MarionEmail author
  • Thomas Perianin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11359)


Side Channel Analysis (SCA) is known to be a serious threat for cryptographic algorithms since twenty years. Recently, the explosion of the Internet of Things (IoT) has increased the number of devices that can be targeted by these attacks, making this threat more relevant than ever. Furthermore, the evaluations of cryptographic algorithms regarding SCA are usually performed at the very end of a product design cycle, impacting considerably the time-to-market in case of security flaws. Hence, early simulations of embedded software and methodologies have been developed to assess vulnerabilities with respect to SCA for specific hardware architectures. Aiming to provide an agnostic evaluation method, we propose in this paper a new methodology of data collection and analysis to reveal leakage of sensitive information from any software implementation. As an illustration our solution is used interestingly to break a White Box Cryptography (WBC) implementation, challenging existing simulation-based attacks.


Software analysis GNU debugger (GDB) Differential computation analysis (DCA) Correlation power analysis (CPA) Binary analysis Realignment algorithm Virtualyzr\(^\mathrm{TM}\) tool 



This work was partly supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No. 2016-0-00399, Study on secure key hiding technology for IoT devices [KeyHAS Project]) and other project(s).


  1. 1.
    Ahn, H., Han, D.-G.: Multilateral white-box cryptanalysis: case study on WB-AES of CHES challenge 2016. IACR Cryptology ePrint Archive 2016:807 (2016)Google Scholar
  2. 2.
    Allibert, J., Feix, B., Gagnerot, G., Kane, I., Thiebeauld, H., Razafindralambo, T.: Chicken or the egg - computational data attacks or physical attacks. IACR Cryptology ePrint Archive 2015:1086 (2015)Google Scholar
  3. 3.
    Bos, J.W., Hubain, C., Michiels, W., Teuwen, P.: Differential computation analysis: hiding your white-box designs is not enough. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 215–236. Springer, Heidelberg (2016). Scholar
  4. 4.
    Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). Scholar
  5. 5.
    Debande, N., Berthier, M., Bocktaels, Y., Le, T.-H.: Profiled model based power simulator for side channel evaluation. IACR Cryptology ePrint Archive 2012:703 (2012)Google Scholar
  6. 6.
    Debande, N., Souissi, Y., Nassar, M., Guilley, S., Le, T.-H., Danger, J.-L.: “Re-synchronization by moments”: an efficient solution to align side-channel traces. In: 2011 IEEE International Workshop on Information Forensics and Security, WIFS 2011, Iguacu Falls, Brazil, 29 November-2 December 2011, pp. 1–6 (2011)Google Scholar
  7. 7.
    Doget, J., Prouff, E., Rivain, M., Standaert, F.-X.: Univariate side channel attacks and leakage modeling. J. Crypt. Eng. 1(2), 123–144 (2011)CrossRefGoogle Scholar
  8. 8.
    Guilley, S., Khalfallah, K., Lomne, V., Danger, J.-L.: Formal framework for the evaluation of waveform resynchronization algorithms. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 100–115. Springer, Heidelberg (2011). Scholar
  9. 9.
    McCann, D., Whitnall, C., Oswald, E.: ELMO: emulating leaks for the ARM cortex-M0 without access to a side channel lab. IACR Cryptology ePrint Archive 2016:517 (2016)Google Scholar
  10. 10.
    Thiebeauld, H., Gagnerot, G., Wurcker, A., Clavier, C.: SCATTER: a new dimension in side-channel. Cryptology ePrint Archive, Report 2017/706 (2017).
  11. 11.
    Thuillet, C., Andouard, P., Ly, O.: A smart card power analysis simulator. In: Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, CSE 2009, Vancouver, BC, Canada, 29–31 August 2009, pp. 847–852 (2009)Google Scholar
  12. 12.
    van Woudenberg, J.G.J., Witteman, M.F., Bakker, B.: Improving differential power analysis by Elastic alignment. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 104–119. Springer, Heidelberg (2011). Scholar
  13. 13.
    Veshchikov, N.: SILK: high level of abstraction leakage simulator for side channel analysis. In: Proceedings of the 4th Program Protection and Reverse Engineering Workshop, PPREW@ACSAC 2014, New Orleans, LA, USA, 9 December 2014, pp. 3:1–3:11 (2014)Google Scholar
  14. 14.
    Whitnall, C., Oswald, E.: A fair evaluation framework for comparing side-channel distinguishers. J. Crypt. Eng. 1(2), 145–160 (2011)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Adrien Facon
    • 1
    • 3
  • Sylvain Guilley
    • 1
    • 2
    • 3
  • Matthieu Lec’hvien
    • 1
  • Damien Marion
    • 1
    • 2
    Email author
  • Thomas Perianin
    • 1
  1. 1.Secure-IC S.A.SRennesFrance
  2. 2.Telecom ParisTech, Institut Mines-TélécomParisFrance
  3. 3.École Normale SupérieureParisFrance

Personalised recommendations