on darwinism and side channel resistance

On Darwinism and Side Channel Resistance

RHUL 2013 TalkDavid Naccache

Müllerian Mimicry

“A natural phenomenon in which two or more poisonous species, that may or may not be related and share one or more common predators, have come to mimic each other's warning signals.”

(Named after German naturalist Fritz Müller, who proposed the concept in 1878).

ant

spiderextra legs

antennae

Physics

µP Memorydata

Leakage function

Physics

µP Memorydata

Leakage function

noisepure leakage

digital information

measured leakage

Model

µP Memorydata

Leakage function

noisepure leakage

digital information

measured leakage

Model

µP Memorydata

Leakage function

noisepure leakage

bits

measured leakage

Digital Müllerian SimilarityRules: attack and defense have the same rights:• Both Have the same knowledge about the system• Both can experiment as much as they wish with the system.• Instead of transmitting bits, the defender sacrifices part of

his bandwidth to buy similarity.

𝑘 camouflage value

The -bit number

The Game

𝑓 𝑑 (𝑡 )𝑘 ,𝑣

Defender’s goal: for each select a .

For the values must be such that: is as similar as possible to

The Game

𝑓 𝑑 (𝑡 )𝑘 ,𝑣

Defender’s goal: for each select a .

For the values must be such that: is as similar as possible to

Be as discreet as possible and let noise do the rest of the cover-up work!

A Small ExampleConsider bits.We devote 2 bits to payload data (i.e. ) and the 2 other bits to camouflage (i.e. )

A Small ExampleConsider bits.We devote 2 bits to payload data (i.e. 0,1,2,3) and the 2 other bits to camouflage (i.e. )

We call these « colors »

A Small ExampleWe have sixteen values belonging to four color groups.We need to select one representative in each group

10001001101010111100110111101111

0000 0001001000110100010101100111

A Small ExampleWe have sixteen values belonging to four color groups.We need to select one representative in each group

10001001101010111100110111101111

0000 0001001000110100010101100111

speciesmelopomene

speciescydna

specieserato

speciessapho

Apply Natural SelectionWe have sixteen values belonging to four color groups.We need to select one representative in each group

10001001101010111100110111101111

0000 0001001000110100010101100111

speciesmelopomene

speciescydna

specieserato

speciessapho

Apply Natural Selection

10001001101010111100110111101111

0000 0001001000110100010101100111

speciesmelopomene

speciescydna

specieserato

speciessapho

Criterion: Analogy: MSB = basic genotype, LSB = mutations

How to Find the Good One?Simulating Mutations is easy, measuring similarity is not! Assume that a simplistic blue jay has only one criterion: the global intensity of yellow in the butterfly.

1000 31001 91010 71011 41100 31101 91110 41111 2

0000 0 0001 00010 10011 30100 00101 10110 10111 4

Sort Butterflies by Yellowness

0 1 2 3 4 5 6 7 8 9


0 1 2 3 4 5 6 7 8 9

Problem: Find the shortest segment containing all colorsA quadratic-time algorithm: just scan and keep an optimum.


0 1 2 3 4 5 6 7 8 9


No


0 1 2 3 4 5 6 7 8 9


Yes

Current optimum


0 1 2 3 4 5 6 7 8 9


No

Current optimum


0 1 2 3 4 5 6 7 8 9


Yes

Current optimum


0 1 2 3 4 5 6 7 8 9


Current optimum

No


0 1 2 3 4 5 6 7 8 9

Indeed:

If The Blue Jay is More Perceptive?

If The Blue Jay is More Perceptive?Cyanocitta cristata oculus-laseris perceives both size and yellow levels.

Well… Now Trouble StartsIn terms of similarity, how many yellow units worth one size unit?

Well… Now Trouble StartsEven if we simplify and assume that 1 size unit = 1 yellow unit how do we find the optimum?

Well… Now Trouble StartsEven if we simplify and assume that 1 size unit = 1 yellow unit how do we find the optimum?Even worse: the Blue Jay’s perception of size and yellow might even be negatively correlated! i.e. if sizes are hard to distinguish then yellows are not and conversely.

Well… Now Trouble StartsEven if we simplify and assume that 1 size unit = 1 yellow unit how do we find the optimum?Even worse: the Blue Jay’s perception of size and yellow might even be negatively correlated! i.e. if sizes are hard to distinguish then yellows are not and conversely.Luckily this can be dealt with.

Well… Now Trouble StartsEven if we simplify and assume that 1 size unit = 1 yellow unit how do we find the optimum?Even worse: the Blue Jay’s perception of size and yellow might even be negatively correlated! i.e. if sizes are hard to distinguish then yellows are not and conversely.Luckily this can be dealt with.For now we assume equal weights and independence.

The New ProblemHere each is a side channel curve with 2 samples

Power Sample 2

PowerSample 1

Power

Time

The New ProblemHere each is a side channel curve with 2 samples

Power Sample 2

PowerSample 1

The New ProblemFind the smallest circle containing all colors

Level of yellow

Size

Note: easy generalization to more properties (will be see later)

Find the smallest sphere containing all colors

The New ProblemFind the smallest circle containing all colors

Level of yellow

Size

The New Problem1. How to do this? 2. At what cost?

Level of yellow

Size

The AlgorithmTake a point at random and find any solution

Level of yellow

Size

The AlgorithmCall the radius of this solution

Level of yellow

Size

𝑟

The AlgorithmHalve the plane

Level of yellow

Size

The AlgorithmHalve the plane

The AlgorithmAdd units at each side

Split to Two Sub-ProblemsFind optimum here

Find optimum here

Split to Two Sub-Problems


Problem 1 Problem 2


Problem 1 Problem 2

Inte

rsec

tion

Interesting Propertymin(Problem) = min(min(Problem 1),min(Problem 2))

Hence:• Iterate the process (possibly cutting along 2 dimensions) until

halving hits a fix-point (i.e. adding compensates halving).• Solve each sub-problem by any algorithm and compute the

min over all solutions.

Higher Dimensions?

A well studied problem, ready to use tools exist:

Output of our program

Infinite Dimensions?

Problem can be modeled in terms of distance between functions.

We Are Now Ready to

• Settle the question of dimension units.• Take correlations into account.• Justify Euclidean distance.

How to Evaluate a Distance?

stand for yellow levels and for sizes

¿ 𝑦 𝑖−𝑦 𝑗∨¿

¿ 𝑠𝑖−𝑠 𝑗∨¿



¿ 𝑦 𝑖−𝑦 𝑗∨¿


No brainerclose!



¿ 𝑦 𝑖−𝑦 𝑗∨¿


No brainerclose!

No brainerfar!



¿ 𝑦 𝑖−𝑦 𝑗∨¿


No brainerclose!

No brainerfar!??

When how many yellow saturation units worth one mm of size?!

¿ 𝑦 𝑖−𝑦 𝑗∨¿


No brainerclose!

No brainerfar!??


Compare apples to tomatoes?!

¿ 𝑦 𝑖−𝑦 𝑗∨¿


No brainerclose!

No brainerfar!??


The solution …

Compute

and compare by increasing order of

2

2

2

2

,s

ji

y

jiji σ

)s(sσ

)y(yd

Are we done? No!

The above assumes that butterfly yellowness and size are independent.If they were not, a hidden parameter will “count twice”!Example: weight and size are not independent.

Dealing With Correlations

Assume that we want to use, size, weight and yellowness.Evidently but

This is easy to generalize to more parameters with more correlations. cf. full paper.Euclidian distance stems from assumed multi-dimensional Gaussian distributions.

ws

ijij

y

ij

s

ij

w

ijji

sswwyysswwd

)1())((2)(

)1()(

)1()(

22

2

22

2

22

2

,

Real-Life Experiments

2 bit k (i.e. 4 colors)

And the winners are…

Illustration

What Advantages?

• Little technologic assumptions on leakage model.• Take any off the shelf memory chip and at the

cost of – Simple measurements – (intensive) one-time calculations– Reduction of the useful storage capacity

turn this memory into more side-channel-resistant memory.

on darwinism and side channel resistance

Documents

shortest segment

small examplea small

channel resistancerhul

simulating mutations

global intensity of

german naturalist fritz

prsentation powerpoint

simplistic blue jay