I attended the workshop Constructive Side-Channel Analysis and Secure Design (COSADE 2015) 13-14 April in Berlin. This marks the 6th iteration of the annual workshop that launched in 2010, and the 2nd time I’ve attended — previously in 2011.
To explain side-channels, I like to start with the following joke:
An engineer, a physicist, and a mathematician are shown a pasture with a herd of sheep, and told to put them inside the smallest possible amount of fence.
The engineer is first. He herds the sheep into a circle and then puts the fence around them, declaring, “A circle will use the least fence for a given area, so this is the best solution.”
The physicist is next. He creates a circular fence of infinite radius around the sheep, and then draws the fence tight around the herd, declaring, “This will give the smallest circular fence around the herd.”
The mathematician is last. After giving the problem a little thought, he puts a small fence around himself and then declares, “I define myself to be on the outside.”
Mathematicians like definitions and models (albeit grounded in reality or not), and theoretical cryptographers are no different, proving the security of cryptosystems within certain models. Side-channel attacks instead target implementations of crypto and attempt to recover keys by procuring signals while real world devices are performing cryptographic operations. Typical signals can be power consumption, electromagnetic emanations, or latency measurements. I find it an interesting field because it’s entire existence is essentially due to the failure of classical security models to capture inherent implementation aspects.
My main task at COSADE was to present my paper “Faster software for fast endomorphisms” that speeds up Elliptic Curve Cryptography (ECC) within OpenSSL and, at the same time, also implements a few side-channel countermeasures to improve the security of the ubiquitous library (patch 1, patch 2).
There were many interesting talks at the conference. Ross Anderson’s invited talk “Why Cryptosystems still fail” was my favorite. This is the 2nd time I’ve attended an invited talk by Ross and he never ceases to impress. Really practical angle on all the problems associated with security and crypto deployment — tale after tale of epic fails.
My favorite contributed talk was “Side Channel Attacks on Smartphones and Embedded Devices using Standard Radio Equipment”. Gabriel Goller was a great speaker, and had a nice demo of a low cost setup for non-invasively capturing signals emanating from a smartphone.
All in all, I feel COSADE 2015 was a big success — interesting talks and good networking. I look forward to attending the workshop again in the future.