CHES 2025 - ECTester & DOIT

Recently, I presented our work on Let’s DOIT: Using Intel’s Extended HW/SW Contract for Secure Compilation of Crypto Code at CHES 2025 in the hot and humid Kuala Lumpur, Malaysia. The slides are available.

My colleague Vojta also presented exciting joint work, episode 2 of our reverse-engineering trilogy: ECTester: Reverse-engineering side-channel countermeasures of ECC implementations. The slides are available.

Few things for future reference on visiting conferences in Malaysia:

  • ❄️ Freezing inside the conference venue due to the AC being set to arctic conditions was not on my bingo card.
  • 🍻 Malaysia is a generally “dry” country, keep that in mind.
  • 🌶️ Even the non-spicy food is spicy.
  • 🍚 Coffee breaks are savory. Expect rice, noodles, meat and veggies instead of cookies and cake.
  • 🏙 KL has a huge amount of skyscrapers.
  • 🚷 KL is not a walkable city, everyone drives, no-one cares about pedestrians. Crosswalks generally do not matter, unless they have traffic lights.
  • 🚕 Grab is the go-to food delivery and ride share app. It is very cheap and usable.

This year at CHES marks the death of ECC for me. There were only really 7 papers on ECC, compared to tens on PQC topics. Perhaps our reverse-engineering trilogy can still be completed before people stop caring. Real-world deployments of ECC don’t seem to be stopping anytime soon, with cryptocurrencies’ aversity to change or banking sector’s slow migration even from 3DES. The plethora of PQC talks was - in my opinion - mostly similar in nature, with no big breakthroughs or exciting new directions.

I liked the work on PhaseSCA: Exploiting Phase-Modulated Emanations in Side Channels as it showed a (potentially) new source of side-channel leakage: phase. With power leakage hiding countermeasures such as current flattening or noise generation present on real-world devices, the phase may be unaffected and still leak. On a second take MulLeak: Exploiting Multiply Instruction Leakage to Attack the Stack-optimized Kyber Implementation on Cortex-M4 caught my eye. I like that Chameleon: A Dataset for Segmenting and Attacking Obfuscated Power Traces in Side-Channel Analysis provides a dataset. I always like generating code (like pyecsca does) and so am a fan of Generation of Fast Finite Field Arithmetic for Cortex-M4 with ECDH and SQIsign Applications. The paper that - to me - got the closest to exciting new direction in PQC was Rejected Signatures’ Challenges Pose New Challenges: Key Recovery of CRYSTALS-Dilithium via Side-Channel Attacks.

I enjoyed both the OPTIMIST and ORSHIN affiliated events. I share many aspirations with the OPTIMIST project as I believe in the strength of open-source and open-research. I see the effort works well in getting people together to talk about this. However, it feels like a lot of talking and not much of doing in the end and I fear that its outputs will have a certain “design by committee” feeling and will not get proper adoption. To me, the side-channel analysis field needs something like Hugging Face for machine learning, or numpy/scipy for general scientific computing. A generic and well designed toolkit with a large contributor base and proper maintenance. This is of course an ambitious goal, but one worth aiming for. In contrast to that, I enjoy the “let’s do it”-ness of the ORSHIN project, mainly due to contributions by Tropic square, their openness and humbleness. There was a really nice discussion at the end of the event about the relationship between open-source and security as well as certifications and how this all goes together. This gave this year’s CHES a nice dot at the end.

kl
kl

batu-1
batu-1
batu-2
batu-2

pt
pt