Design (high-level ideas)

Spook is exploiting various design ideas in order to ensure low-energy side-channel security (primary implementation target) and low-energy unprotected implementations (secondary implementation target), while also ensuring strong black box security guarantees.

Energy is our main performance metric given its increasing importance with battery-operated devices possibly exploiting energy harvesting. Side-channel security is also a central design goal since IoT applications generally enable an increased physical access to the devices by adversaries.


Low-energy side-channel security

The primary target of the Spook design is side-channel security at low energy cost. This goal is ensured by the following high-level ideas:

A general motivation for these advanced physical security features can be found next:

Note that one important aspect of our security claims is that we consider security definitions that allow every computation (including the computation of the “challenge ciphertext”) to leak, a requirement that we call leakage-resistance. This is in contrast with common leakage-resilience definitions excluding the leakage of the challenge ciphertexts.

Low-energy unprotected implementations

Besides its features for strong security against side-channel attacks, Spook is a flexible design also offering good implementation properties in general:

Black box security