Key rank estimation provides a measure of the effort that the attacker hasto spend bruteforcing the key of a cryptographic algorithm, after having gained someinformation from a side channel attack. We presentMCRank, a novel method for keyrank estimation based on Monte Carlo sampling.MCRankprovides an unbiased estimateof the rank and a confidence interval. Its bounds rapidly become tight for increasingsample size, with a corresponding linear increase of the execution time. When appliedto evaluate an AES-128 implementation,MCRankcan be orders of magnitude fasterthan the state-of-the-art histogram-based enumeration method for comparable boundtightness. It also scales better than previous work for large keys, up to 2048 bytes.Besides its conceptual simplicity and efficiency,MCRankcan assess for the first time thesecurity of large keys even if the probability distributions given the side channel leakageare not independent between subkeys, which occurs, for example, when evaluating theleakage security of an AES-256 implementation.
Camurati, G., Dell’Amico, M., & Standaert, F.-X. (2023). MCRank: Monte Carlo Key Rank Estimation for Side-Channel Security Evaluations. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023(1), 277-300. https://doi.org/10.46586/tches.v2023.i1.277-300 (Original work published 2023)