Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Improving the Design and Evaluation of Cryptographic Implementations against Leakage — Can Open Source Help and How?

June 29, 2022


François-Xavier Standaert - UCLouvain



In this talk, I will (1) argue that taking full advantage of research progresses in embedded security through (ideally standardized) countermeasures may strongly benefit from open source implementations maintained and publicly evaluated over time, and (2) describe a model of development that can serve such purposes by complementing the industrial ecosystem rather than competing with it, enabling a gradual integration of open source solutions when they become sufficiently stable over time.

On the one hand, it is expected that combining the longer-term quantitative evaluations that open source designs enable with shorter-term certifications to assess their integration will give rise to stronger technological building blocks in a foreseeable future. On the other hand, it is expected that identifying some open source designs as practically-relevant targets can serve as a constructive interface between academic research and industrial developments, limiting the need of hardly productive discussions about research being unpractical and, as a result, the need to target deployed products as a counter-argument (with all the responsible disclosure issues that it raises).

Note that while the examples in the talk will primarily focus on side-channel security, the general ideas put forward could be applicable to other physical (e.g., fault) attacks.

Presented at

Crypto Reading Club talk on 2022-Jun-29

Parent Project

See: Crypto Reading Club

Related Topics

Security and Privacy: cryptography

Created June 29, 2022, Updated November 08, 2022